Digital it Signatures. Message Authentication Codes. Message Hash. Security. COMP755 Advanced OS 1

Similar documents
Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

2/24/2018. Computer Security CS433 Luai E. Hasnawi, PhD

Chapter 8 Web Security

Computer Security: Principles and Practice

Garantía y Seguridad en Sistemas y Redes

CS 161 Computer Security

Security Requirements

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

ADFS Setup (SAML Authentication)

TRANSITIONING OF CRYPTOGRAPHIC ALGORITHMS IN THE ELECTRONIC BIDDING CORE SYSTEM JACIC Hiroyuki ISHIWATA

Programming Project # 2. CS255 Due: Wednesday, 3/9, 11:59pm Pacific Elizabeth Stinson

Cryptographic Concepts

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

Pretty Good Privacy (PGP

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Security. Communication security. System Security

Using Cryptography CMSC 414. October 16, 2017

SAML with ADFS Setup Guide

For Your Eyes Only! MQ Advanced Message Security

Sharing Secrets using Encryption Facility - Handson

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

UNIT - IV Cryptographic Hash Function 31.1

Kurose & Ross, Chapters (5 th ed.)

Authenticating on a Ham Internet

Security in ECE Systems

Configuring SSH Public Key Authentication

Cryptographic Checksums

Other Topics in Cryptography. Truong Tuan Anh

CMPT 300: Operating Systems I Assignment 4

IEEE Std and IEEE Std 1363a Ashley Butterworth Apple Inc.

1.264 Lecture 28. Cryptography: Asymmetric keys

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

6.033 Computer System Engineering

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33

Apple 9L Security Best Practices for Mac OS X v

Software Security. Case Study: Java 2 Security. Copyright of HeathWallace 2008

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

Public Key Algorithms

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

SafeNet KMIP and Google Drive Integration Guide

Cryptography (Overview)

Lecture 2 Applied Cryptography (Part 2)

Total No. of Questions : 09 ] [ Total No.of Pages : 02

Cryptography MIS

TDDC03 Projects, Spring Improved Policytool for Java Permission Management

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

CS Computer Networks 1: Authentication

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Network Security. Chapter 8. MYcsvtu Notes.

(2½ hours) Total Marks: 75

The most common type of certificates are public key certificates. Such server has a certificate is a common shorthand for: there exists a certificate

Qualys SAML & Microsoft Active Directory Federation Services Integration

Security: Focus of Control. Authentication

Data Integrity. Modified by: Dr. Ramzi Saifan

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Security: Focus of Control

Refresher: Applied Cryptography

Lecture 19: cryptographic algorithms

Overview. SSL Cryptography Overview CHAPTER 1

Security in NVMe Enterprise SSDs

Asymmetric Cryptography. kprv. kpub. used in digital signature

Cipher Suite Configuration Mode Commands

Lecture 15: Cryptographic algorithms

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Programming Project #2

Introduction to Cryptography. Vasil Slavov William Jewell College

CSC 474/574 Information Systems Security

CS 161 Computer Security

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

key distribution requirements for public key algorithms asymmetric (or public) key algorithms

Cryptography and Network Security

S. Erfani, ECE Dept., University of Windsor Network Security

Authentication. Overview of Authentication systems. IT352 Network Security Najwa AlGhamdi

Provisioning Certificates

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Genesys Security Deployment Guide. What You Need

Ref:

WAP Security. Helsinki University of Technology S Security of Communication Protocols

CCNA Security 1.1 Instructional Resource

ROEVER ENGINEERING COLLEGE Elambalur,Perambalur DEPARTMENT OF CSE NP UNIT-I

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

HTTPS Setup using mod_ssl on CentOS 5.8. Jeong Chul. tland12.wordpress.com. Computer Science ITC and RUPP in Cambodia

Spring 2010: CS419 Computer Security

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

e-commerce Study Guide Test 2. Security Chapter 10

CSC 8560 Computer Networks: Network Security

Distributed Systems. Lecture 14: Security. Distributed Systems 1

Unit III. Chapter 1: Message Authentication and Hash Functions. Overview:

CO Java SE 7: Develop Rich Client Applications

IBM Presentations: Implementing SSL Security in WebSphere Partner Gateway

Distributed Systems. Lecture 14: Security. 5 March,

CONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements

Encryption 2. Tom Chothia Computer Security: Lecture 3

Transcription:

Digital Signatures Digital it Signatures Offer similar protections as handwritten signatures in the real world. 1. Difficult to forge. 2. Easily verifiable. 3. Not deniable. 4. Easy to implement. 5. Differs from document to document. Message Hash A message hash is a checksum like value or condensed version of a file. Any change to a file will produce a different message Message hashes are one way functions. There is no known method of creating a data file to match a known message SHA-1 is a Standard Hash Algorithm SHA-1 creates a 160 bit hash value Message Authentication Codes A message authentication code (MAC) verifies that t the message has not been modified by anyone who does not know the key MAC is created by encrypting a message Any encryption algorithm can be used. COMP755 Advanced OS 1

MAC Use When creating the file compute the hash encrypt the hash append the hash to the file When reading the file compute the hash encrypt your hash compare your hash to the one in the file Digital Signature Digitally signed messages can have clearly viewed plaintext in the body of the message, the objective is to verify the sender. With RSA public key encryption either key can be used to encrypt or decrypt. Digital Signature Process A hash of the data is created. The name of the sender is appended to the The hash is encrypted with the private key of the sender. The hash is appended to the data and transmitted together. The receiver decrypts the hash h with the public key of the sender. The receiver calculates a hash of the message and compares it to the received User1 Plaintext One Way Hash Condensed Bits Public Key Encryption E Digital Signature + Signature Private Key (general - public key) Remote Public Key Directory: Network Plaintext + Signature One Way Hash D Public Key C User2 Verifiable Output Compare hashes Public Key Decryption COMP755 Advanced OS 2

Digital Signature Use Digitally signed email verifies the sender. Signed applets or programs come from a known source and have not been modified. Digitally signed programs cannot be modified or infected with a virus without detection Digitally signed documents cannot be changed without detection. Key Distribution If you are going to rely on public key encryption, it is necessary to ensure the authenticity of public keys. Keys can be distributed by Key Servers Digital Certificates Key Servers Key servers are computers that have a database of public keys. Upon receiving a request for a public key, a key server sends the client the desired public key. The messages from the key server are digitally i signed. Clients have to know the key server s public key. Digital Certificates A digital certificate contains a user s public key along with some information about the user, such as their email address. The digital certificate is digitally signed by a Certificate Authority. Certificate Authorities are venders of digital certificates. Clients must know the public key of the Certificate Authority. COMP755 Advanced OS 3

Digital Certificates University Certificates A chain of trust can be established from a single point in an organization. Only the top public key is needed by everyone Buying Digital Certificates Several companies sell digital certificates They are usually expensive Creating Digital Certificates Security tools available with Java SDK Tool Name Brief Description keytool Manage keystores and certificates. jarsigner Generate and verify JAR signatures policytool GUI tool for managing policy files. COMP755 Advanced OS 4

Security Tool Documentation The security tools are command line programs with many options http://java.sun.com/j2se/1.3/docs/tooldocs/ win32/keytool.html http://java.sun.com/j2se/1.3/docs/tooldocs/ win32/jarsigner.html KeyStore The Java key tools use a keystore as a place to securely keep key entries trusted certificate entries A keystore can be encrypted for security Implemented as a file containing the information Signing Assignment Create a digital certificate containing your name Digitally sign a jar file containing your steganography program Send it to me by Wednesday, January 27 COMP755 Advanced OS 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback