Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities."— Presentation transcript:

1 Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities

2 Mar 4, 2003Mårten Trolin2 Previous lecture General differences between asymmetric and symmetric cryptography General design of interactive protocols Key exchange Man-in-the-middle

3 Mar 4, 2003Mårten Trolin3 Diffie-Hellman The first public key type result to be published! Performs agreement on a common key without a need for the parties to have public and private keys

4 Mar 4, 2003Mårten Trolin4 Diffie-Hellman key agreement TCP/IP User Web server Sends x ( = g a mod p) Communication encrypted under k = g ab mod p Generates a number 0 < a < p and computes x = g a mod p Decides on a prime p and a number g < p Generates a number 0 < b < p and computes y = g b mod p Sends y ( = g b mod p) Computes k = x b mod p Computes k = y a mod p

5 Mar 4, 2003Mårten Trolin5 Diffie-Hellman key agreement The user computes x b = (g a ) b mod p The server computes y a = (g b ) a mod p Since (g a ) b = g ab = g ba = (g b ) a mod p both parties will use the same key! Vulnerable to a man-in-the-middle attack –The man-in-the-middle negotiates one key with the user and one key with the server

6 Mar 4, 2003Mårten Trolin6 Authentication Authentication is the process where the parties convince each other of their identity –Your passpart authenticates you to the border guard –Producing your signature on a credit card slip authenticates you to the sales-person Shared secret (password) Known public key Public key certificate

7 Mar 4, 2003Mårten Trolin7 Shared secret The server has given the user a password on a secure channel (registered mail, in person etc.) After negotiating a common symmetric key, the user sends his password to the server. The server verifies the password against the password stored in the database If the contents match, the user is accepted.

8 Mar 4, 2003Mårten Trolin8 Shared secret – problems Vulnerable to the man-in-the-middle attack if server not authenticated –Secure in combinations with other methods Suitable only for situations where there are a limited number of users –Webmail services (www.hotmail.com, www.mail.ru, www.one.lv) –Online banking Each user needs a different shared secret for each server

9 Mar 4, 2003Mårten Trolin9 Known public key If the user knows the server’s public key in advance, he can verify its correctness during key agreement Protects against man-in-the-middle, since the user would detect that the public key has been replaced Protects against fake servers, since the fake server does not know the original server’s private key

10 Mar 4, 2003Mårten Trolin10 Known public key – problems Complicated key distribution –Each user must know the key of the server it connects to

11 Mar 4, 2003Mårten Trolin11 Public key certificates Known public keys eliminates the man-in-the-middle attack, but leaves the key management complicated Public key certificates address this problem Public key certificates lets a trusted third party (Certificate Authority, CA) use a digital signature to certify that a public key belongs to a certain entity (person or organization) –Compare with passports

12 Mar 4, 2003Mårten Trolin12 Public key certificates A public key certificate consists of –A public key –Information on the owner Name, address, photograph, finger-print, credit card number, etc. –A signature on the above data by a trusted party Trusted party could be the government, a bank, etc. User’s public key Identification data Digital signature by CA User’s Private key Public information Private information

13 Mar 4, 2003Mårten Trolin13 Certificate authorities (CAs) Trusted parties that sign certificates Trusted because they are known to sign only true information Their public keys are widely spread –If a user knows a CA’s public key, he can verify every certificate that CA has signed

14 Mar 4, 2003Mårten Trolin14 Example of use of certificates TCP/IP User (p u, s u ) Web server (p s, s s ) User’s public key p u k 1 encrypted under p u. Public key certificate containing p s. Communication encrypted under k = k 1  k 2 Decrypts k 1 using s u. Generates k 2 Generates k 1 k 2 encrypted under p s. Decrypts k 2 using s s.

15 Mar 4, 2003Mårten Trolin15 Certificates and man in the middle If the user knows the CA public key in advance, he can verify the certificate. We are now safe from the man-in-middle A man-in-the-middle has to replace the original public key with his own. –The signature in the certificate is no longer valid since the public key changed! The user expects a certificate with certain identifying information. The man-in-the-middle does not possess such a certificate. –User will terminate the transaction.

Download ppt "Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.

Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Apr 30, 2002Mårten Trolin1 Previous lecture – passwords Passwords for authentication –Storing hashed passwords –Use of salt Passwords for key generation.

Apr 30, 2002Mårten Trolin1 Previous lecture – passwords Passwords for authentication –Storing hashed passwords –Use of salt Passwords for key generation.

Similar presentations

Ads by Google