Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:"— Presentation transcript:

1 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Explain the importance of message authentication on Internet communications –Describe message authentication with and without message encryption and identify its uses –Explain the operation of simple hash functions and secure hash functions –Describe the main parameters of MD5 and SHA1

2 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Introduction Message authentication is necessary to: Make sure that the message was transmitted properly No content was altered or deleted during transmission Protects users against active attacks

3 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Message authentication strategies Authentication & symmetric encryption Simply encrypt the message using a symmetric encryption algorithm Assume only the receiver and the sender know the key Advantages: Message confidentiality is kept Disadvantages: Computationally expensive Uses: Transmission of critical information

4 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Authentication using message digests A digest is a code generated using the message content that is appended at the end of the message. When the message is received, the digest is regenerated and compared with the message received Message digests are usually encrypted Advantages: Computationally cheaper Disadvantages: Compromises message confidentiality Uses: Transmission of non-critical information Transmission of delay sensitive information

5 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Message Authentication Code Message Authentication Code (MAC) The message content and a secret key are used to generate a small block of data appended to the message DES is used to encrypt the message and the last bits of the encrypted message act as a MAC Advantages: No decryption is necessary Disadvantages: It is as computationally expensive as DES

6 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Hash functions A hash function is a fingerprint of a message, file or block of data A hash function used for message authentication must have the following properties: –It can be applied to messages of any size –It must produce a fixed length output regardless of the size of the input –The computational complexity to find the output must be reasonable –The output must always be different from the input –For a given message, it must be computationally infeasible to find another message with the same output –For a pair of messages, it must be computationally infeasible to find equal outputs

7 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Examples of Secure Hash Functions SHA-1 Developed by NIST published in FIPS PUB 180 in 1993, revision FIPS PUB 180-1 issued in 1995 Maximum input message of 2 64 bits Message digest of 160 bit Input processed in 512 bit blocks MD5 Specified in RFC 1321 No maximum input message length Message digest of 128 bit Input processed in 512 bit blocks

8 Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Examples of Secure Hash Functions RIPEMD-160 Developed by European researchers trying to break MD4 and MD5. No maximum input message length Message digest of 160 bit Input processed in 512 bit blocks HMAC Cryptographic hash function (combination of MAC and SHA-1). Specified in RFC 2104. HMAC is as computationally expensive as the hash function employed (SHA-1)

9 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: Explain the uses of public-key cryptography Describe the operation of public-key cryptography Produce public and private keys using integer numbers Explain the RSA and Diffie-Hellman algorithms Identify the main issues on key management

10 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 Introduction Proposed by Diffie and Hellman in 1976 Based on mathematical functions not on bit operations Used to encrypt messages Main uses: –Confidentiality –Key distribution –Authentication

11 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 Operation of public-key cryptography Elements of public key cryptography: Message Encryption algorithm Public and private key Ciphertext Decryption algorithm

12 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 Characteristics of public-key algorithms The following conditions must be met for a public-key algorithm: It must be computationally effective to generate both keys It must be easy for the sending party to encrypt a message knowing the public key It must be computationally effective to decrypt the message using the private key It must be computationally infeasible to determine the private key

13 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 RSA public-key encryption algorithm Developed by Rivest, Shamir and Adleman in 1977 Most widely accepted public-key encryption algorithm In RSA the message, ciphertext and keys are represented as integer numbers

14 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 RSA operation C=M e mod n M=C d mod n = (M e ) d mod n = M ed mod n 0 < M & C < n Public key  e, n Private key  d, n e and n must be large values for the algorithm to be robust

15 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 RSA steps 1. Select two arbitrary (preferably large) prime numbers p and q 2. n = pq 3. Calculate Φ(n) = (p-1) (q-1) 4. Select an integer e such that e is a relative prime of Φ(n) 5. Calculate d such that de mod Φ(n)=1 6. Private key  e, n 7. Public key  d, n

16 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 Key management Public-key certificates Public-keys are public, but they need to be authenticated Public-key certificates are public keys plus a user ID signed by a Certificate Authority (CA) Any user trying to verify the authenticity of a public key can get the appropriate certificate from the CA and validate the public key

17 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 Key management Distribution of secret keys Public key algorithms can be used to distribute secret symmetric keys Encrypt the secret key with a one-time only session key Encrypt the session key using a trusted certified public-key Attach the encrypted session key to the encrypted session key and send both of them

18 Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06 Resources Stallings W., Network Security Essentials, 2 nd Edition, Prentice Hall, 2002 (Chapter 3) FIPS 180-1 – Secure Hash Standard http://www.itl.nist.gov/fipspubs/fip180-1.htm Schneier on Security: SHA-1 broken http://www.schneier.com/blog/archives/2005/02/sha1_broke n.html RFC 1321 MD5 Message Digest Algorithm RFC 2104 HMAC: Keyed-Hashing for Message Authentication RSA Laboratories http://www.rsasecurity.com/rsalabs RFC 2631 Diffie-Hellman Key Agreement Method

Download ppt "Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Public Key Cryptography & Message Authentication By Tahaei Fall 2012.

Public Key Cryptography & Message Authentication By Tahaei Fall 2012.
Information Security Principles & Applications Topic 4: Message Authentication 虞慧群

Information Security Principles & Applications Topic 4: Message Authentication 虞慧群
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies

Cryptographic Technologies
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
EEC-484/584 Computer Networks Lecture 16 Wenbing Zhao

EEC-484/584 Computer Networks Lecture 16 Wenbing Zhao
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.

Cryptography and Network Security Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown/Mod. & S. Kondakci.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

Similar presentations

Ads by Google