CT30A8800 Secured communications

Size: px
Start display at page:

Download "CT30A8800 Secured communications"

Transcription

1 CT30A8800 Secured communications Pekka Jäppinen October 31, 2007 Pekka Jäppinen, Lappeenranta University of Technology: October 31, 2007

2 Secured Communications: Key exchange Schneier, Applied Cryptography: Chapter 2 Key exchange In order to create secure communication channel both sides have to know the key to encrypt and decrypt data In symmetric cryptocraphy both side have one shared key. secure key exchange quarantees that both sides know the key and no-one else does. In asymmetric both sides have their own private keys and publicly known publi keys Key exchange is used to verify the authenticity of the public key. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

3 Secured Communications: Key exchange Schneier, Applied Cryptography: Chapter 2 Creating keys Creating a symmetric key ca be done in two ways 1. Generating key before key exchange Generate a random number that is between values 0 - (2 n 1), where n is the size of required key 64 - bit key = 64 zeroes and ones in a row -> integer number 0 (2 64 1). The value has to be real random value. Bad implementation Which side generates the key Do we trust that the other side generates secure key? Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

4 Secured Communications: Key exchange Schneier, Applied Cryptography: Chapter 2 2. Generating key along with the key exchange protocol Key depends on random values generated on both sides Creation of asymmetric key Depends on the used algorithm as the public and private key has a relation. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

5 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Symmetric key exchange using symmetric cryptography Key exchange with symmetric cryptography Trusted third party T has a symmetric key for communication with both A and B (keys K T A and K T B ) 1. A connects to T and requests session key to communicate with B K A B 2. T generates session key and makes two copies of it. T encrypts one copy with K T A and other with K T B and sends the copies to A 3. A decrypts the session key (D KT A (E( KT A K A B )) 4. A sends to B the messages containing session key that was encrypted with key K T B Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

6 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s 5. B decrypts the key 6. A and B can now communicate securely with using the key K A B Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

7 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Problems in using symmetric cryptography Have to trust T completely T knows the session key and can thus decrypt the secured communication between A and B T can be bottleneck If Malicious M corrupts T, M can decrypt the messages sent between A and B (old and new messages) Blocking communications to T breaks the system Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

8 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Shamir-three-pass protocol Requires commutative symmetric cipher In commutative ciphers encryption and decryption functions can change places or can even be the same function. For example XOR 1. A creates random session key K A B,to be used for communication with B and encrypts it witk another randow key K a E Ka (K A B ) 2. A sends the encrypted key to B Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

9 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s 3. B encrypts the message from A with his own random key K B and sends the message back to A E KB (E KA (K A B ) 4. A decrypts the message with her own key and sends it back to B D KA (E KB (E KA (K A B )) 5. B decrypts the message with his own key and has now the session key D KB (D KA (E KB (E KA (K A B ))) = K A B If XOR is used as encryption function, the key can be revealed if all the three transmitted messages are eavesdropped. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

10 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s XOR:ing first and second message gives K B as a result. XOR:ing K B with third messages gives key K A B Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

11 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Key exchange using asymmetric cryptography 1. A fetches the public key of B from T. T can be for example KDC (Key Distribution Center) 2. A generates random session key. 3. A encrypts session key with the public key of B and then sends it to B. 4. B decrypts the message from A with his private key. 5. A and B encrypt the communication channel with the symmetric cipher using the shared session key. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

12 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Man-in-the-middle Man-in-the-middle attack can be used to eavesdrop communication when asymmetric algorithm is used. M pretends to be B to A and A to B and thus can eavesdrop the communication 1. A sends her public key to B. M catches the message and instead sends his own public key to B. 2. B sends his public key to A. M catches also this message and sends A his own public key. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

13 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s 3. When A sends messages to B they are encrypted using M:s public key. M catches the messages, decrypts them and encrypts them again using B:s public key and then sends them to B 4. Similar measures are taken when B sends messages to A. KDC:tä käytettäessä M pretends to be KDC to both A and B M may pretend to be A and B towards KDC and give his own key to KDC as a key of A or B. M may break in to the KDC s key database and change the key information in there Man-in-the-middle attack works, because A and B has no way to verify they validity of each others public key nor with whom they are communication Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

14 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Using digital signatures to verify keys T signs the public keys of A and B The keys are signed along with information about the owner of the keys (certificate) I T,E T private (k Apublic,I A ),k T public where I is Identity information and k is the key A and B can verify the validity of keys by verifying the signature of T Requires the knowledge about the public key of T. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

15 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s The protocol reduces the risks of using T. M cannot pretend to be A or B, as he don t know their secret keys. M cannot change his own key as a key of A or B as his key is signed for M. IF KDC is broken into, M can get only the public key of KDC, which can then be used to sign new keys to other identities. Previously cerated and used session keys are not compromised like in symmetric model. Breaking in have to happen before public key exchange or the communicating partners have to be fooled to redo the key exchange. Different Ts can certificate each other to make the life of M harder. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

16 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Key exchange along the message The key exchange is performed along with the first message of protocol 1. A generates random session key K and encrypts message M with it E k (M) 2. A fetches the public key of B 3. A encrypts K with the public key of B E Bpublic (K) Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

17 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s 4. A sends both the encrypted message and encrypted session key to B (secured envelope) E K (M), E Bpublic (K) 5. B decrypts the session key sent by A 6. D Bprivate (E Bpublic (K)) 7. B decrypts the message using the session key D K (E K (M)) Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

18 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s For additional security A signs the whole message E APrivate (E K (M), E Bpublic (K)) B can verify the signature D APublic (E APrivate (E K (M), E Bpublic (K))) Time stamps and other security protocols are described later. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

19 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s Key and message broadcasting When communicating with multiple persons. 1. A generates random session key k and encrypts message M with it. E K (M) 2. A fetches the public keys of B, c and D. 3. A sencrypts k withh the public keys of B,C and D E Bpublic (K), E Cpublic (K), E Dpublic (K) Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

20 Secured Communications: Key exchange Schneier: Applied Cryptography 3.1s 4. A Broadcasts encrypted messages and all the encrypted keys E Bpublic (k), E Cpublic (K), E Dpublic (K), E K (M) 5. Only B,C and D can decrypt the key using their secret key and then decrypt the message M. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

21 Key exchange algorithms Diffie-Hellman key exchange (asymmetric algorithm that can only be used for key exchange not in encrypting messages) Choose numbers n and g so that n is prime and g is primitive root mod n (primitive mod n) Numbers n and g can be public 1. A generates random big number x and sends it to B X = g x mod n 2. B generates random big number and sends it to A Y = g y mod n 3. A calculates k = Y x mod n (g y mod n) x mod n = g yx mod n 4. B calculates k = X y mod n Sessionkey: k = k = g xy mod n Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

22 Eavesdropper can only get values n, g, X and Y, which are not enough to calculate k. n has to be big number Security of the system is based on the problem of factoring the numbers that are size of n. n defines the also the size of changed key. The size of g has no meaning to security of algorithm For better security (n-1)/2 should also be prime. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

23 Example with small numbers: Let n be: 5 and it s primitive root g: 2. A s random number x is 3 and B s random number y is 2 X = 2 3 mod 5 = 3 Y = 2 2 mod 5 = 4 k = 4 3 mod 5 = 4 k = 3 2 mod 5 = 4 Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

24 Diffie-Hellman between 3 or more communicating partners 1. A generates big random integer x and sends to B X = g x mod n 2. B generates big random integer y and sends to C Y = g y mod n 3. C generates big random integer y and sends to A Z = g z mod n 4. A sends to B Z = Z x mod n 5. B sends to C X = X y mod n 6. C sends to A Y = Y z mod n 7. A calculates: k = Y x mod n 8. B calculates k = Z y mod n 9. C calculates k = X z mod n Session key is k = g xyz mod n more participants can be taken into key exchnage by adding rounds to the system. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

25 Hughes variant Allows pregenerated key 1. A generates random number x and calculates key k = g x mod n (a) k can be now used to encrypt messages 2. B generates big number y and sends to A Y = g y mod n 3. A sends to B X = Y x mod n 4. B calculates z = y 1 and k = X z mod n k =k so everything works The advantage of the Hughes variant is that A can use key k for encryption before making contact to B Data that has been encrypted with key k can be exchanged to different parties at different times. (Publish now in web page and exchange the key later) Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

26 Using digital signatures to verify asymmetric keys T signs the public keys of A and B The keys are signed along with information about the owner of the keys (certificate) I T,E T private (k Apublic,I A ),k T public where I is Identity information and k is the key A and B can verify the validity of keys by verifying the signature of T Requires the knowledge about the public key of T. Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

27 The protocol reduces the risks of using T compared to symmetric systems M cannot pretend to be A or B, as he don t know their secret keys. M cannot change his own key as a key of A or B as his key is signed for M. IF KDC is broken into, M can get only the public key of KDC, which can then be used to sign new keys to other identities. Previously cerated and used session keys are not compromised like in symmetric model. Breaking in have to happen before public key exchange or the communicating partners have to be fooled to redo the key exchange. Different Ts can certificate each other to make the life of M harder. Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

28 PKI: Public Key Infrastructure PKI tries to answer to the question: How can we be sure that certain public key is the public key of certain entity. Connects the public key into unique identity person, device, orgaanisation Transparency Does not require too much from the user Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

29 Basic Operations Certification Binds key to the identity Validation Validates the authenticity of the certificate Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

30 Certificate contents Individualising information about identity username, device address/ ip address, company name Public key Other information, depending on the certificate system (expiration time etc.) All the above mentioned information signed by trusted third party The signer is called Certification authority The signature states that the signer quarantees this public key belongs to this identity Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

31 Certificate revocation Certificate expiration time passees Certificatee revocation list When secret key corresponding to certified public key is compromised Certificate authoritys secret key is compromised Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

32 X.509 (ISO/IEC ) Part of ITU-T X.500 recommendations, that define directory services Is used in e.g. S/MIME, SSL/TLS, SET, IPSEC Several RFC s exists about the use of X.509 First version released 1988, v and v (RFC 2459) The first draft of X.509 v3 was released 1995 Does not depeend on any algorithm, although RSA is recommended for asymmetric cryptography Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

33 Requires use of hash function Certificate Revocation List (CRL) for invalid certificates contains non expired invaalid certificates CA upkeeps the list Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

34 X.509 structure Certificate Version Serial number Algorithm ID issuer Validity Not before Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

35 Not After Subject Subject public key information Public Key Algortihm Subject Public k key Issuer Unique Identifier (added in v2) Subject Unique Identifier (added in v2) Extensions (added in v3) can be divided in three different groups 1. Key and policy informaation fields (Who and where the key can be used) Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

36 2. Certificate subject and issuer attributes (aliases and more information about the identity issuer and subject) 3. Certification Path Constraints Certificate Signature Algorithm Certificate Signature Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

37 X.509 certificate validation 1. Verification of CA going back in certificate tree until trusted CA is found 2. validity check Is the validation time of certificate started and not expired Is the certificate in CRL list 3. Verifying the Signature NOTE! Certificate validation does not authenticate the certificate sender. Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

38 Certificate is public and anyone can copy it. Only the proper owneer of certificate knows the private key corresponding to the certified public key In order to authenticate the sender, the sender has to be able to proof he knows the secret key (e.g. challenge-response authentication) Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

39 PGP certificate PGP - Pretty Good Privacy Used for Is based on user gathered keychains that form webs of trust User acts as a CA Users share their certificate lists with each other Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

40 PGP Certificate contents address public key Level of trust PGP defines level of trust value for each key. The higher the value on ID and key the more trusted is the link between identity and publickey The longer the certificate chain the smalled is the trust value No validity time for certificate Pekka Jäppinen, Lappeenranta University of Technology: 31. lokakuuta /40

41 User decides the validity No CRL lists Pekka Jäppinen, Lappeenranta University of Technology: October 31, /40

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment. CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How

More information

CT30A8800 Secured communications

CT30A8800 Secured communications CT30A8800 Secured communications Pekka Jäppinen October 31, 2007 Pekka Jäppinen, Lappeenranta University of Technology: October 31, 2007 Authentication Three basic models 1. Something you know Password,

More information

Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution

Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University

More information

Key Management and Distribution

Key Management and Distribution 2 and Distribution : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l10, Steve/Courses/2015/s2/css441/lectures/key-management-and-distribution.tex,

More information

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005 Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric

More information

Chapter 9: Key Management

Chapter 9: Key Management Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #9-1 Overview Key exchange Session vs. interchange

More information

CS Computer Networks 1: Authentication

CS Computer Networks 1: Authentication CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores

More information

Cryptography and Network Security Chapter 14

Cryptography and Network Security Chapter 14 Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture

More information

T Cryptography and Data Security

T Cryptography and Data Security T-79.159 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Kaufman et al: Ch 11.6; 9.7-9; Stallings:

More information

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any

More information

Session key establishment protocols

Session key establishment protocols our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session

More information

Session key establishment protocols

Session key establishment protocols our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session

More information

Diffie-Hellman. Part 1 Cryptography 136

Diffie-Hellman. Part 1 Cryptography 136 Diffie-Hellman Part 1 Cryptography 136 Diffie-Hellman Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) A key exchange algorithm o Used to establish a shared symmetric key Not for

More information

Information Security CS 526

Information Security CS 526 Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric

More information

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Data Security and Privacy. Topic 14: Authentication and Key Establishment Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt

More information

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted

More information

Spring 2010: CS419 Computer Security

Spring 2010: CS419 Computer Security Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics

More information

ICS 180 May 4th, Guest Lecturer: Einar Mykletun

ICS 180 May 4th, Guest Lecturer: Einar Mykletun ICS 180 May 4th, 2004 Guest Lecturer: Einar Mykletun 1 Symmetric Key Crypto 2 Symmetric Key Two users who wish to communicate share a secret key Properties High encryption speed Limited applications: encryption

More information

Cryptographic Protocols 1

Cryptographic Protocols 1 Cryptographic Protocols 1 Luke Anderson luke@lukeanderson.com.au 5 th May 2017 University Of Sydney Overview 1. Crypto-Bulletin 2. Problem with Diffie-Hellman 2.1 Session Hijacking 2.2 Encrypted Key Exchange

More information

T Cryptography and Data Security

T Cryptography and Data Security T-79.4501 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Stallings: Ch 7.4; 7.3; 10.1 1 The Use

More information

Key Management and Distribution

Key Management and Distribution Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message

More information

CT30A8800 Secured communications

CT30A8800 Secured communications CT30A8800 Secured communications Pekka Jäppinen September 11, 2007 Pekka Jäppinen, Lappeenranta University of Technology: September 11, 2007 General Ti5318800 Secured Communications Lecturer: Pekka Jäppinen

More information

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature Key Management Digital signatures: classical and public key Classic and Public Key exchange 1 Handwritten Signature Used everyday in a letter, on a check, sign a contract A signature on a signed paper

More information

PKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures

PKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures Public Key Infrastructures Public Key Infrastructure Definition and Description Functions Components Certificates 1 2 PKI Services Security Between Strangers Encryption Integrity Non-repudiation Key establishment

More information

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures MIS5206 Week 11 Identity and Access Control Week 10 continued Cryptography, Public Key Encryption and

More information

Certificates, Certification Authorities and Public-Key Infrastructures

Certificates, Certification Authorities and Public-Key Infrastructures (Digital) Certificates Certificates, Certification Authorities and Public-Key Infrastructures We need to be sure that the public key used to encrypt a message indeed belongs to the destination of the message

More information

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted

More information

L13. Reviews. Rocky K. C. Chang, April 10, 2015

L13. Reviews. Rocky K. C. Chang, April 10, 2015 L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing

More information

Certificateless Public Key Cryptography

Certificateless Public Key Cryptography Certificateless Public Key Cryptography Mohsen Toorani Department of Informatics University of Bergen Norsk Kryptoseminar November 9, 2011 1 Public Key Cryptography (PKC) Also known as asymmetric cryptography.

More information

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA Public Key Cryptography, OpenPGP, and Enigmail Cryptography is the art and science of transforming (encrypting) a message so only the intended recipient can read it Symmetric Cryptography shared secret

More information

Lecture 2 Applied Cryptography (Part 2)

Lecture 2 Applied Cryptography (Part 2) Lecture 2 Applied Cryptography (Part 2) Patrick P. C. Lee Tsinghua Summer Course 2010 2-1 Roadmap Number theory Public key cryptography RSA Diffie-Hellman DSA Certificates Tsinghua Summer Course 2010 2-2

More information

Key management. Pretty Good Privacy

Key management. Pretty Good Privacy ECE 646 - Lecture 4 Key management Pretty Good Privacy Using the same key for multiple messages M 1 M 2 M 3 M 4 M 5 time E K time C 1 C 2 C 3 C 4 C 5 1 Using Session Keys & Key Encryption Keys K 1 K 2

More information

Topics. Dramatis Personae Cathy, the Computer, trusted 3 rd party. Cryptographic Protocols

Topics. Dramatis Personae Cathy, the Computer, trusted 3 rd party. Cryptographic Protocols Cryptographic Protocols Topics 1. Dramatis Personae and Notation 2. Session and Interchange Keys 3. Key Exchange 4. Key Generation 5. Cryptographic Key Infrastructure 6. Storing and Revoking Keys 7. Digital

More information

Kerberos and Public-Key Infrastructure. Key Points. Trust model. Goal of Kerberos

Kerberos and Public-Key Infrastructure. Key Points. Trust model. Goal of Kerberos Kerberos and Public-Key Infrastructure Key Points Kerberos is an authentication service designed for use in a distributed environment. Kerberos makes use of a thrusted third-part authentication service

More information

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1 Information Security message M one-way hash fingerprint f = H(M) 4/19/2006 Information Security 1 Outline and Reading Digital signatures Definition RSA signature and verification One-way hash functions

More information

Public Key Algorithms

Public Key Algorithms CSE597B: Special Topics in Network and Systems Security Public Key Cryptography Instructor: Sencun Zhu The Pennsylvania State University Public Key Algorithms Public key algorithms RSA: encryption and

More information

Lecture Notes 14 : Public-Key Infrastructure

Lecture Notes 14 : Public-Key Infrastructure 6.857 Computer and Network Security October 24, 2002 Lecture Notes 14 : Public-Key Infrastructure Lecturer: Ron Rivest Scribe: Armour/Johann-Berkel/Owsley/Quealy [These notes come from Fall 2001. These

More information

1. Diffie-Hellman Key Exchange

1. Diffie-Hellman Key Exchange e-pgpathshala Subject : Computer Science Paper: Cryptography and Network Security Module: Diffie-Hellman Key Exchange Module No: CS/CNS/26 Quadrant 1 e-text Cryptography and Network Security Objectives

More information

1.264 Lecture 28. Cryptography: Asymmetric keys

1.264 Lecture 28. Cryptography: Asymmetric keys 1.264 Lecture 28 Cryptography: Asymmetric keys Next class: Anderson chapters 20. Exercise due before class (Reading doesn t cover same topics as lecture) 1 Asymmetric or public key encryption Receiver

More information

Network Security Essentials

Network Security Essentials Network Security Essentials Fifth Edition by William Stallings Chapter 4 Key Distribution and User Authentication No Singhalese, whether man or woman, would venture out of the house without a bunch of

More information

CSC/ECE 774 Advanced Network Security

CSC/ECE 774 Advanced Network Security Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;

More information

CSC 482/582: Computer Security. Security Protocols

CSC 482/582: Computer Security. Security Protocols Security Protocols Topics 1. Basic Concepts of Cryptography 2. Security Protocols 3. Authentication Protocols 4. Key Exchange Protocols 5. Kerberos 6. Public Key Infrastructure Encryption and Decryption

More information

Introduction and Overview. Why CSCI 454/554?

Introduction and Overview. Why CSCI 454/554? Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book

More information

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism Module 9 - Security Issues Separation of Security policies Precise definition of which entities in the system can take what actions Security mechanism Means of enforcing that policy Distributed system

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 8: Protocols for public-key management Ion Petre Department of IT, Åbo Akademi University 1 Key management two problems

More information

Lecture Note 6 KEY MANAGEMENT. Sourav Mukhopadhyay

Lecture Note 6 KEY MANAGEMENT. Sourav Mukhopadhyay Lecture Note 6 KEY MANAGEMENT Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Key Management There are actually two distinct aspects to the use of public-key encryption in this regard:

More information

Ten Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier

Ten Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier Presented by Joshua Schiffman & Archana Viswanath Ten Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier Trust Models Rooted Trust Model! In a

More information

CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure

CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure Professor Henry Carter Fall 2018 Recap Digital signatures provide message authenticity and integrity in the public-key setting As well as public

More information

Overview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation

Overview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May

More information

Key Agreement Schemes

Key Agreement Schemes Key Agreement Schemes CSG 252 Lecture 9 November 25, 2008 Riccardo Pucella Key Establishment Problem PK cryptosystems have advantages over SK cryptosystems PKCs do not need a secure channel to establish

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA

More information

BCA III Network security and Cryptography Examination-2016 Model Paper 1

BCA III Network security and Cryptography Examination-2016 Model Paper 1 Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct

More information

E-commerce security: SSL/TLS, SET and others. 4.1

E-commerce security: SSL/TLS, SET and others. 4.1 E-commerce security: SSL/TLS, SET and others. 4.1 1 Electronic payment systems Purpose: facilitate the safe and secure transfer of monetary value electronically between multiple parties Participating parties:

More information

Public-key Cryptography: Theory and Practice

Public-key Cryptography: Theory and Practice Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of

More information

Key management. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E

Key management. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution 1 Using the same key for multiple

More information

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen Modern cryptography 2 CSCI 470: Web Science Keith Vertanen Modern cryptography Overview Asymmetric cryptography Diffie-Hellman key exchange (last time) Pubic key: RSA Pretty Good Privacy (PGP) Digital

More information

Network Security Chapter 8

Network Security Chapter 8 Network Security Chapter 8 Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Communication Security Authentication Protocols Email Security Web Security

More information

ECE 646 Lecture 3. Key management

ECE 646 Lecture 3. Key management ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple

More information

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings Key Exchange References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings Outlines Primitives Root Discrete Logarithm Diffie-Hellman ElGamal Shamir s Three Pass

More information

CS 425 / ECE 428 Distributed Systems Fall 2017

CS 425 / ECE 428 Distributed Systems Fall 2017 CS 425 / ECE 428 Distributed Systems Fall 2017 Indranil Gupta (Indy) Dec 5, 2017 Lecture 27: Security All slides IG Security Threats Leakage Unauthorized access to service or data E.g., Someone knows your

More information

Fall 2010/Lecture 32 1

Fall 2010/Lecture 32 1 CS 426 (Fall 2010) Key Distribution & Agreement Fall 2010/Lecture 32 1 Outline Key agreement without t using public keys Distribution of public keys, with public key certificates Diffie-Hellman Protocol

More information

Authentication and Key Distribution

Authentication and Key Distribution 1 Alice and Bob share a key How do they determine that they do? Challenge-response protocols 2 How do they establish the shared secret in the first place? Key distribution PKI, Kerberos, Other key distribution

More information

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea Cryptography SSL/TLS Network Security Workshop 3-5 October 2017 Port Moresby, Papua New Guinea 1 History Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent

More information

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography CS555 Spring 2012/Topic 16 1 Outline and Readings Outline Private key management between two parties Key management

More information

Total points: 71. Total time: 75 minutes. 9 problems over 7 pages. No book, notes, or calculator

Total points: 71. Total time: 75 minutes. 9 problems over 7 pages. No book, notes, or calculator CMSC 414 F08 Exam 1 Page 1 of 10 Name: Total points: 71. Total time: 75 minutes. 9 problems over 7 pages. No book, notes, or calculator 1. [14 points] a. Are n=221 and e=3 valid numbers for RSA. Explain.

More information

ECE 646 Lecture 3. Key management. Required Reading. Using the same key for multiple messages

ECE 646 Lecture 3. Key management. Required Reading. Using the same key for multiple messages ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple

More information

Kurose & Ross, Chapters (5 th ed.)

Kurose & Ross, Chapters (5 th ed.) Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and

More information

14. Internet Security (J. Kurose)

14. Internet Security (J. Kurose) 14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:

More information

X.509. CPSC 457/557 10/17/13 Jeffrey Zhu

X.509. CPSC 457/557 10/17/13 Jeffrey Zhu X.509 CPSC 457/557 10/17/13 Jeffrey Zhu 2 3 X.509 Outline X.509 Overview Certificate Lifecycle Alternative Certification Models 4 What is X.509? The most commonly used Public Key Infrastructure (PKI) on

More information

Cryptography (Overview)

Cryptography (Overview) Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography

More information

Course Administration

Course Administration Lecture 6: Hash Functions, Message Authentication and Key Distribution CS 392/6813: Computer Security Fall 2010 Nitesh Saxena *Adopted from Previous Lectures by Nasir Memon Course Administration HW3 was

More information

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by

More information

CS 161 Computer Security

CS 161 Computer Security Popa & Wagner Spring 2016 CS 161 Computer Security Discussion 5 Week of February 19, 2017 Question 1 Diffie Hellman key exchange (15 min) Recall that in a Diffie-Hellman key exchange, there are values

More information

Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall Nitesh Saxena

Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall Nitesh Saxena Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall 2009 Nitesh Saxena *Adopted from a previous lecture by Gene Tsudik Course Admin HW3 Problem 3 due Friday midnight

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 6 Release 1 System i Security Digital Certificate Manager Version 6 Release 1 Note Before using this information and the product it supports, be sure

More information

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology Question Bank Subject: Information Security (160702) Class: BE Sem. VI (CE/IT) Unit-1: Conventional

More information

Chapter 10: Key Management

Chapter 10: Key Management Chapter 10: Key Management Session and Interchange Keys Key Exchange Key Generation Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #10-1 Overview Key exchange Session

More information

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Chapter 10 Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture out of the

More information

Overview of Authentication Systems

Overview of Authentication Systems Overview of Authentication Systems Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-07/

More information

Authentication in Distributed Systems

Authentication in Distributed Systems Authentication in Distributed Systems Introduction Crypto transforms (communications) security problems into key management problems. To use encryption, digital signatures, or MACs, the parties involved

More information

Elliptic Curve Cryptography (ECC) based. Public Key Infrastructure (PKI) Kunal Abhishek Society for Electronic Transactions & Security (SETS), Chennai

Elliptic Curve Cryptography (ECC) based. Public Key Infrastructure (PKI) Kunal Abhishek Society for Electronic Transactions & Security (SETS), Chennai Elliptic Curve Cryptography (ECC) based Public Key Infrastructure (PKI) Kunal Abhishek Society for Electronic Transactions & Security (SETS), Chennai 14th November, 2017 Focus of this talk What should

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through

More information

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

ח'/סיון/תשע א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms Public Key Cryptography Kurose & Ross, Chapters 8.28.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) AddisonWesley, April 2009. Copyright 19962010,

More information

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads Cryptography p y Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction

More information

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010 Cryptography Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction

More information

CRYPTOGRAPHY & DIGITAL SIGNATURE

CRYPTOGRAPHY & DIGITAL SIGNATURE UNIT V CRYPTOGRAPHY & DIGITAL SIGNATURE What happens in real life? We have universal electronic connectivity via networks of our computers so allowing viruses and hackers to do eavesdropping. So both the

More information

Encryption. INST 346, Section 0201 April 3, 2018

Encryption. INST 346, Section 0201 April 3, 2018 Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:

More information

Public-Key Infrastructure NETS E2008

Public-Key Infrastructure NETS E2008 Public-Key Infrastructure NETS E2008 Many slides from Vitaly Shmatikov, UT Austin slide 1 Authenticity of Public Keys? private key Alice Bob public key Problem: How does Alice know that the public key

More information

Lecture 4: Cryptography III; Security. Course Administration

Lecture 4: Cryptography III;  Security. Course Administration Lecture 4: Cryptography III; Email Security CS 336/536: Computer Network Security Fall 2014 Nitesh Saxena Course Administration HW/Lab 1 Posted Due at 11am on Sep 29 Labs are active starting this week

More information

Digital Certificates Demystified

Digital Certificates Demystified Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates

More information

Key Management and Elliptic Curves

Key Management and Elliptic Curves Key Management and Elliptic Curves Key Management Distribution of ublic Keys ublic-key Distribution of Secret Keys Diffie-Hellman Key Echange Elliptic Curves Mathematical foundations Elliptic curves over

More information

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018 Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS

More information

David Wetherall, with some slides from Radia Perlman s security lectures.

David Wetherall, with some slides from Radia Perlman s security lectures. David Wetherall, with some slides from Radia Perlman s security lectures. djw@cs.washington.edu Networks are shared: Want to secure communication between legitimate participants from others with (passive

More information

Public Key Algorithms

Public Key Algorithms Public Key Algorithms 1 Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 10 Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would

More information

Public Key Cryptography

Public Key Cryptography Public Key Cryptography Giuseppe F. Italiano Universita` di Roma Tor Vergata italiano@disp.uniroma2.it Motivation Until early 70s, cryptography was mostly owned by government and military Symmetric cryptography

More information

CSC 774 Network Security

CSC 774 Network Security CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution

More information

CS3235 Seventh set of lecture slides

CS3235 Seventh set of lecture slides CS3235 Seventh set of lecture slides Hugh Anderson National University of Singapore School of Computing October, 2007 Hugh Anderson CS3235 Seventh set of lecture slides 1 Warp 9... Outline 1 Public Key

More information

Keywords Session key, asymmetric, digital signature, cryptosystem, encryption.

Keywords Session key, asymmetric, digital signature, cryptosystem, encryption. Volume 3, Issue 7, July 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Review of Diffie

More information