Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Published byArianna Saucerman Modified over 10 years ago

Similar presentations

Presentation on theme: "Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998."— Presentation transcript:

1 Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998

2 Presentation Overview n Introduction n Public-key cryptography: RSA n Secret-key cryptography: DES n The SSL protocol n Open discussion

3 Introduction n Privacy u Keeping communication contents secret, known to a predetermined set of people, unknown to others n Security u A means to achieve privacy u An attempt against attacks like: eavesdropping, tampering, message replay u Tools: cryptography, secure protocol

4 Some security attack scenarios Eavesdropping: Peter Mary Lets meet at 5pm, old place Tom hee hee… Tampering: PeterMary Lets meet at 5pm, old place Tom Lets meet at 3pm, old place Replaying: Peter Tom Lets meet at 3pm today Mary One day later: Lets meet at 3pm today

5 Cryptography n Transformation of data into a secret form that is infeasible to read without knowledge of a shared secret (a key) n Achieve privacy by making information hidden to people who dont know the key n Encryption key and decryption key may be the same (secret-key cryptography) or different (public-key cryptography) DataSecret-form data encryption decryption

6 Private Key Cryptography n The same key is used for both encryption and decryption n One technique: block ciphers u transform fixed-length blocks of plain-text data into fixed- length blocks of cipher-text (secret-form) data n An example: DES (Data Encryption Standard) Plain-text block 1Plain-text block 2Plain-text block 3... Cipher-text block 1Cipher-text block 2Cipher-text block 3... Encrypt using key K

7 DES n Data Encryption Standard, also known as Data Encryption Algorithm (DEA) n Developed by IBM, refined by NBS n Block size of 64 bits, key size of 56 bits n 16 rounds of Feistel Ciphers: n Most widely used block ciphers, but being replaced by AES, Advanced Encryption Standard Round 1 Round 2 Round 16 Plain-text block Cipher-text block

8 Private Key cryptography n Stream ciphers (e.g., RC4) u transform plain-text data into cipher-text data bit by bit, and vice versa u can be much faster than block ciphers, but less secure n Message Authentication Codes (MAC) u a checksum obtained by applying an authentication scheme (DES, RC4, etc.) and a secret key to a message u the recipient verifies the integrity of the message by calculating the MAC with the secret key again

9 Public Key Cryptography n Encryption and decryption use different keys n A popular method: RSA n RSA key generation: u Find 2 large prime numbers p, q Choose d relatively prime to z=(p-1)(q-1) u Find e such that e X d = 1 mod z u Let n = pq u Public key: (n, e); Private key: (n, d) u Encrypting message M: E(M) = M e mod n u Decrypting cipher-text c: D(c) = c d mod n

10 RSA: An Example n Pick p = 5, q = 7, z = 24, n = 35 n Choose d = 5, relatively prime to z n 1 mod z = 1, 25, 49, 73, 97, 121, 145... n Pick e = 145 / d = 29 n Public key (35, 29); Private key (35, 5) n Encrypting message M = 10: E(M) = 10 29 mod 35 = 5 n VERIFY: Decrypting cipher-text c = 5: D(c) = 5 5 mod 35 = 3125 mod 35 = 10 = M n In practice, much larger primes p, q are used n The security provided by RSA relies on the fact that it is computationally infeasible to factor a large number n to find out p, q, and hence z, e

11 Digital Signatures, Certificates n Digital signature u The recipient verifies the signature by decrypting the signature with senders public key, and compares decrypted message with M n Certificate u A digitally signed public key u Used to verify a claimed-to-be public key of an entity Message M M encrypted with senders private key

12 SSL Protocol n Secure Socket Layer, developed by Netscape Corporation n Aims to provide privacy and reliability between two communicating applications n Overview: Application data protocol SSL handshake protocol SSL record protocol Reliable transport protocol (e.g., TCP) SSL record protocol Application data protocol SSL handshake protocol Application 1 (e.g., telnet, ftp) Application 2

13 SSL Protocol n Record protocol u encapsulate higher level protocols u divide messages into blocks u compresses message blocks u applies MAC to message blocks u encrypts and transmits message blocks n SSL handshake protocol u allow the client to authenticate the server, and the server to authenticate the client u negotiate an encryption algorithm and key for application data transmission n Application data protocol u transmits data from applications to the record layer, which then sends the data securely

14 SSL Handshake Protocol CLIENTSERVER Hello! I want to connect with you. I understand encryption algorithms like DES, RC4, IDEA, etc.… Hello, then lets use DES. This is my certificate with my public key on it. Please check. (Client verify servers public key...) Alright, Ive generated a DES master key. Here I encrypt it with your public key and send it to you Im finished.. (Server decrypts the DES key received from client…) Ok, I received your key. Im finished....... Data encrypted with the DES master key

15 SSL Protocol n How does it achieve privacy? u All data are encrypted during transmission, therefore, eavesdropping is useless unless the eavesdropper knows how to decrypt the message u Moreover, an attacker will not be able to tamper a message because he does not know how to encrypt it u A session-id is assigned by the server to each connection, so that an attacker cannot pretend the client later by replaying the message

16 Summary n We introduced basic cryptographic techniques, DES and RSA, and their application in MAC, digital signatures and certificates n We introduced the SSL protocol developed by Netscape Corp. as a secure protocol for data transmission

Download ppt "Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Web security: SSL and TLS

Web security: SSL and TLS
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Security and Reliability Issues in Distributed Systems Chan Hing Wing, Anthony MPhil Term 1, CSE CUHK December 11, 1998.

Security and Reliability Issues in Distributed Systems Chan Hing Wing, Anthony MPhil Term 1, CSE CUHK December 11, 1998.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Similar presentations

Ads by Google