Authentication and Key Distribution

Similar documents
Spring 2010: CS419 Computer Security

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

KEY AGREEMENT PROTOCOLS. CIS 400/628 Spring 2005 Introduction to Cryptography. This is based on Chapter 13 of Trappe and Washington

Diffie-Hellman. Part 1 Cryptography 136

Information Security CS 526

Fall 2010/Lecture 32 1

Cryptographic Protocols 1

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Authentication. Strong Password Protocol. IT352 Network Security Najwa AlGhamdi

Cryptographic Checksums

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CSC/ECE 774 Advanced Network Security

ECE 646 Lecture 3. Key management

Public Key Algorithms

1. Diffie-Hellman Key Exchange

Chapter 9. Public Key Cryptography, RSA And Key Management

Lecture 7 - Applied Cryptography

CS Computer Networks 1: Authentication

L13. Reviews. Rocky K. C. Chang, April 10, 2015

UNIT - IV Cryptographic Hash Function 31.1

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?

Exercises with solutions, Set 3

Lecture 15 PKI & Authenticated Key Exchange. COSC-260 Codes and Ciphers Adam O Neill Adapted from

Authenticating People and Machines over Insecure Networks

Key Management and Distribution

CSC 774 Network Security

Chapter 9: Key Management

Cryptography and Network Security

Certificates, Certification Authorities and Public-Key Infrastructures

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Authentication Part IV NOTE: Part IV includes all of Part III!

Lecture 2 Applied Cryptography (Part 2)

Overview. SSL Cryptography Overview CHAPTER 1

Cryptography and Network Security

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

CT30A8800 Secured communications

CT30A8800 Secured communications

18733: Applied Cryptography Anupam Datta (CMU) Basic key exchange. Dan Boneh

CPSC 467: Cryptography and Computer Security

Public-Key Infrastructure NETS E2008

CSCE 813 Internet Security Kerberos

Key management. Pretty Good Privacy

CSC 482/582: Computer Security. Security Protocols

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

Key Management and Distribution

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

Lecture 6 - Cryptography

T Cryptography and Data Security

Securing Internet Communication: TLS

Key Establishment and Authentication Protocols EECE 412

Solving the key exchange problem

Datasäkerhetsmetoder föreläsning 7

Overview of Authentication Systems

Real-time protocol. Chapter 16: Real-Time Communication Security

Cryptography Lecture 9 Key distribution and trust, Elliptic curve cryptography

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

CS 494/594 Computer and Network Security

PROTECTING CONVERSATIONS

Lecture 13. Public Key Distribution (certification) PK-based Needham-Schroeder TTP. 3. [N a, A] PKb 6. [N a, N b ] PKa. 7.

Digital Signatures. KG November 3, Introduction 1. 2 Digital Signatures 2

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

EEC-682/782 Computer Networks I

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

Chapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

ECEN 5022 Cryptography

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Encryption and Forensics/Data Hiding

Authentication. Overview of Authentication systems. IT352 Network Security Najwa AlGhamdi

1. Out of the 3 types of attacks an adversary can mount on a cryptographic algorithm, which ones does differential cryptanalysis utilize?

The evolving storage encryption market

T Cryptography and Data Security

Trust Infrastructure of SSL

Encryption. INST 346, Section 0201 April 3, 2018

Using Cryptography CMSC 414. October 16, 2017

Outline. Login w/ Shared Secret: Variant 1. Login With Shared Secret: Variant 2. Login Only Authentication (One Way) Mutual Authentication

Grenzen der Kryptographie

SSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1

Password. authentication through passwords

Security Fundamentals

ECE596C: Handout #9. Authentication Using Shared Secrets. Electrical and Computer Engineering, University of Arizona, Loukas Lazos

Kurose & Ross, Chapters (5 th ed.)

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Topics. Dramatis Personae Cathy, the Computer, trusted 3 rd party. Cryptographic Protocols

Lecture 15 Public Key Distribution (certification)

CS 161 Computer Security

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Network Security. Chapter 8. MYcsvtu Notes.

CS 6324: Information Security More Info on Key Establishment: RSA, DH & QKD

ECE 646 Lecture 3. Key management. Required Reading. Using the same key for multiple messages

Module: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

Key management. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Hash functions. Hash functions, certification and secure protocols. Contents. Solution : use a hash function

Public-key Cryptography: Theory and Practice

CS 161 Computer Security

Transcription:

1 Alice and Bob share a key How do they determine that they do? Challenge-response protocols 2 How do they establish the shared secret in the first place? Key distribution PKI, Kerberos, Other key distribution schemes

Challenge-Response Protocols 1 Alice issues to challenge to Bob 2 Bob responds 3 Bob challenges Alice 4 Alice responds 5 The challenge: prove that you have the key

Two-Way Authentication First Attempt Improved Alice A R b E(K, R b ) R a E(K, R a ) Bob Alice A, R a R b, E(K, R a ) E(K, R b ) Bob

Reflection Attack Introduction Alice? A, R a R b, E(K, R a ) A, R b R b, E(K, R b) E(K, R b ) Bob Watch-out for Parallel Sessions! Trick the challenger into responding to his own challenge in a parallel session

Some Thumb Rules Introduction 1 Have initiator prove who he/she is before responder has to 2 Initiator and responder should use different keys 1 Different keys may be derived from the same key K as (for example) K 1 = h(k 1) and K 2 = h(k 2). 3 Initiator and responder should draw challenges from different sets (odd/even)

Authentication Using HMACs A, R a Alice R b, HMAC(R a R b A B K) HMAC(R a R b K) Bob

Diffie Helman Key Exchange [ p, g, α g Alice a mod p β g b mod p ] Bob Common Secret Both Alice and Bob compute a common secret K AB = β a α b g ab mod p

Man-in-the-Middle Introduction [ p, g, α g A a mod p ξ g x mod p ] [ p, g, ω g O w mod p β g b mod p ] B MiM Attack 1 Oscar tells B that ω is A s public key 2 An A that ξ is B s public key 3 If Oscar is lazy he can even choose ω = ξ (he needs to generate only one key pair instead of 2)

Generic Key Establishment (Using Asymmetric Ciphers) 1 Alice and Bob exchange their public keys 2 Bob chooses a random secret K A, encrypts it using Alice s public key α 3 Alice chooses a random secret K B, encrypts it using Bob s public key β 4 shared secret can be any function of K A and K B. 5 The problem is Bob has no way of confirming that α is Alice s public key Alice has no way of confirming that β is Bob s public key 6 Need some way to bind Alice with α (and Bob with β ).

Certificate Authority Introduction 1 CA certifies bindings 2 CA generates a key-pair 3 CA s public key publicized widely 4 CA signs certificates using its private key 5 Anyone with a legitimate copy of the CAs public key can verify the certificate 6 X.509: standard format for public key certificates

X.509 Certificate Format

X.509 Certificate Format

Public Key Infrastructure 1 Need to avoid a single CA 2 Alice s public key signed by Verisign. Bob s by SecureNet 3 Alice may not recognize SecureNet (Bob may not recognize Verisign) 4 Alice accepts SecureNet s public key only if it is authenticated by Verisign? 5 Does every CA need to sign public keys of all other CAs?

Forward and Reverse Certificates 1 X signs public key of A represented as X << A >> 2 If A signs public key of X then we also have A << X >> 3 Forward and reverse certificates. 4 Does not matter which is forward and which is reverse. 5 In practice the certificate issued by the better known CA is considered as forward certificate?

Why Reverse Certificates? 1 Let Y be a lesser known CA 2 Y gets its public key signed by better known CA X (or X << Y >> is created) 3 In turn Y signs a reverse certificate Y << X >> 4 This reverse certificate helps customers of Y (who trust only Y ) 5 Y s customers can now gain a trusted copy of X s public key

Why Reverse Certificates? 1 A new CA has to get it s key signed by just one existing CA (and sign the reverse certificate) 2 A chain of forward/reverse certificates exist from any CA to any CA 3 Avoids having every CA sign the public key of every other CA.

X.509 Hierarchy Introduction

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback