Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Published byAriana McCormick Modified over 9 years ago

Similar presentations

Presentation on theme: "Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange."— Presentation transcript:

1 Cryptography Chapter 7 Part 4 Pages 833 to 874

2 PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange

3 Certificate Authority (CA) PKI requires a digital certificate CA creates and digitally signs it Entrust and VeriSign Registration Authority (RA) – Verifies identity – Ask CA for certificate Certificate (X.509 standard) – Figure 7-25 on page 838

4 Key Management Keys should not be available in cleartext If a user loses the key, data is encrypted forever. Key escrow

5 TPM Trusted Platform Module Microchip installed on the motherboard and dedicated to security functions: symmetric and asymmetric keys, hashing, digital certificates Encrypting the hard disk – Key stored on TPM encrypted with another key

6 Sealing a System Particular hardware and software configuration TPM generates a hash based on system configuration files. TPM verifies the integrity by computing the hash and comparing it with the “sealing” value.

7 Link Encryption Encrypts all data – User data, header, addresses Protects against packet sniffing Packets must be decrypted at each hop so routers can read routing and address information Takes place at the data link and physical layer

8 End-to-End Encryption The header, addresses, routing, and trailer are not encrypted Enables attackers to learn more about a captured packet Happens within the application

9 E-Mail Multipurpose Internet Mail Extension (MIME) – how multimedia data and e-mail binary attachments are to be transferred. What program should process it.

10 Secure MIME (S/MIME) A standard for encrypting and digitally signing email and for providing secure data transmission. Follows PKCS (Public Key Cryptography Standard) Confidentiality, Integrity (Hashing), Authentication (X.509 Public Key Certificates), Non-repudiation (Signed Message Digest)

11 PGP Pretty Good Privacy Phil Zimmerman 1991 RSA public key encryption for key management IDEA for symmetric key for bulk encryption MD5 hash for authentication of public key certificate

12 PGP “Web of Trust” User’s Key Ring – collection of public keys Does not use centralized CA No CRL – What if private key is compromised? http://www.gpg4win.org/

13 Internet Security HTTP Secure (HTTPS) – SSL (Secure Socket Layer) works at Transport Layer – Provides data encryption, server authentication, message integrity – Server send digital certificate signed by CA containing it public key – Client uses public key to encrypt symmetric session keys

14 SSL SSL 3.0 Transport Layer Security (TLS) – open source version

15 Cookies Text file that the browser maintains in memory or on disk HTTP is stateless. – Save login, shopping cart, etc. Sometimes kept to keep track on the user’s browsing and spending for advertising. Cookies that contain sensitive information should be encrypted by the server or stored in memory.

16 Attacking Cryptography Ciphertext-Only Attack Known-Plaintext Attack Chosen-Plaintext Attack Key Terms on page 869

Download ppt "Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
CP3397 ECommerce.

CP3397 ECommerce.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
Chapter 10: Electronic Commerce Security. Electronic Commerce, Seventh Annual Edition2 Impact of Security on E-Commerce In 2006 an estimated $913 million.

Chapter 10: Electronic Commerce Security. Electronic Commerce, Seventh Annual Edition2 Impact of Security on E-Commerce In 2006 an estimated $913 million.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 12-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 12-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.

Similar presentations

Ads by Google