Presentation is loading. Please wait.

Presentation is loading. Please wait.

Practice and Experience in the Application of Cryptography Bao Feng Cryptography and Security Department.

Published byHilary Moody Modified over 8 years ago

Similar presentations

Presentation on theme: "Practice and Experience in the Application of Cryptography Bao Feng Cryptography and Security Department."— Presentation transcript:

1 Practice and Experience in the Application of Cryptography Bao Feng Cryptography and Security Department

2 Applications of Crypto in Daily Life 1.Internet – wifi, SSL, VoIP, VPN 2.Handphone – A5/1, COM128, KASUMI 3.PayTV – conditional access control (CAS) 4.RFID, NFC – remote controller, card Symmetric key cryptosystems take the majority PKC only for Internet

3 Public Key Cryptosystems Digital signature Digital cash Fair exchange PIR E-voting and e-auction Searchable encryption Private matching Privacy-preserving data mining

4 Digital Signature The topic generating most research papers A revolution in the history of authentication Currently mainly applied as certificate Many proposed application scenarios, but not really applied. Accepted in legislation, but not accepted by ordinary people Become a subset of e-signature

5 Digital Cash Simulating physical cash Untracability Double-spending detecting Unsuccessful in business Critical vulnerability: not preventing double-spending

6 Fair Exchange Fair exchange without TTP, or with offline TTP. No research interest with TTP. TTP is needed in real world. In front of people without crypto knowledge, real-world TTP overwhelms dislog and factorization. Real world security has different model from crypto’s

7 Private Information Retrieval Similar to OT, but aiming at minimizing communication. Two types of PIR Cost in performance trade privacy Difficult to find business model No high demand from ordinary users, while for special users crypto may not be the only way

8 E-voting and E-auction Public key crypto protocols Challenge: fulfill numerous requirements, anonymity, authentication, verifiability, untracability, etc Too complicated to understand for layman E-voting will prevail, but may not be PKC

9 Searchable Encryption Both PKC and SKC Database outsourcing Server can search ciphertext Performance suffers a lot at server side What application? Sensitive data outsource?

10 Private Matching Problem definition Ideal situation Current solutions asymmetric Most solutions from database community and many earlier ones not secure

11 Summary of Downside Performance – business can’t tolerate scalability shrinking, e.g., credit card Business model – distributed model hard to manage commercially. Who runs the service Layman’s perception – perceived security more important for business Low-end security vs high-end security – a dilemma. National security excludes public research in some areas

12 Our Experience and Observations SKC demanded more than PKC (for business model, 1-to-n more than n-to-n) Key management (shortage of SKC shrinking with rapid growth of hardware, even for n-to-n) Standard vs non-standard Fulfill various requirements (lock builder) Practical solutions more demanded than the solutions of high research value, e.g., brute force Embedded in other applications Jump beyond cryptographer’s mindset

13 Promising Areas Smart energy grid Sensor network and RFID Cloud computing Content security (IPTV, pay-TV) Handphone security Ciphers for niche areas

14 Thank you! Q & A

Download ppt "Practice and Experience in the Application of Cryptography Bao Feng Cryptography and Security Department."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.

Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Chapter 13 Paying Via The Net. Agenda Digital Payment Requirements Fraud Detection Online Payment Methods Online Payment Types The Future Payment.

Chapter 13 Paying Via The Net. Agenda Digital Payment Requirements Fraud Detection Online Payment Methods Online Payment Types The Future Payment.
Cryptography The science of writing in secret code.

Cryptography The science of writing in secret code.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
EMTM 553 Electronic Commerce Systems

EMTM 553 Electronic Commerce Systems
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Cryptography Basic (cont)

Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

Similar presentations

Ads by Google