Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet-security.ppt-1 (2000-11-26) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.

Published byDarlene Wright Modified over 8 years ago

Similar presentations

Presentation on theme: "Internet-security.ppt-1 (2000-11-26) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the."— Presentation transcript:

1 internet-security.ppt-1 (2000-11-26) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the building blocks...

2 Kommunikationsnetz Franken e.V. internet-security.ppt-2 (2000-11-26) 2000 © Maximilian Riegel Internet Security Agenda  Basic cryptography  Hash functions  Secret key cryptography  Public key cryptography  Providing identity  Verifying information  Keeping secrets  Key management  Internet security protocols

3 Kommunikationsnetz Franken e.V. internet-security.ppt-3 (2000-11-26) 2000 © Maximilian Riegel Internet Security Basic Cryptography  “Cryptography” originates from Greek for “secret writing”  Keeping information secret is often associated with cryptography. Important uses of cryptography to gain security  Confidentiality - keeping secrets against eavesdropping  Authentication - providing identity against forgery and masquerade  Message integrity - verifying information against alteration This document specifies an Internet standards track protocol. Guvf qbphzrag fcrpvsvrf na Vagrearg fgnaqneqf genpx cebgbpby. This document specifies an Internet standards track protocol. Guvf qbphzrag fcrpvsvrf na Vagrearg fgnaqneqf genpx cebgbpby. Cryptography is no mean against denial of service!

4 Kommunikationsnetz Franken e.V. internet-security.ppt-4 (2000-11-26) 2000 © Maximilian Riegel Internet Security Types of Cryptography  Secret key cryptography  Symmetric encryption The same key is used for encryption and decryption  Public key cryptography  Asymmetric encryption Separate keys for encryption and decryption, only one of them needs to be kept secret.  Hash functions  Compressing a message to a string of fixed length (the “message digest”) such that the function is one way.  Popular techniques are MD4, MD5 and SHA-1 Message compression function digest

5 Kommunikationsnetz Franken e.V. internet-security.ppt-5 (2000-11-26) 2000 © Maximilian Riegel Internet Security Secret key cryptography  The same key and the same mathematical transformation is used for both encryption and decryption.  Symmetric encryption algorithms require relative small computation power and are suited for high bandwidth.  Security is provided by reasonable keys lengths (at least > 64bit, usually 128-160 bit).  Stream ciphers process byte by byte whereas block ciphers process fixed blocks of data.  Block ciphers require an initialization vector to gain full strength.  Common used algorithms are: DES, 3DES, RC2 and RC4 The DES cipher

6 Kommunikationsnetz Franken e.V. internet-security.ppt-6 (2000-11-26) 2000 © Maximilian Riegel Internet Security Public key cryptography  The public key cryptography uses two different keys for encryption and decryption. Only one of the key pair needs to be kept secret (the private key), the other must not be secret at all.  Data encrypted by the public key can only decrypted by the private key.  Some algorithms like RSA are reversible allowing data encrypted by the private key to be decrypted by the public key.  Public key cryptography or asymmetric encryption is very computational intensive and thus not suited for large chunks of data. Source: Stephen Thomas; SSL and TLS Essentials

7 Kommunikationsnetz Franken e.V. internet-security.ppt-7 (2000-11-26) 2000 © Maximilian Riegel Internet Security Providing Identity Source: Stephen Thomas; SSL and TLS Essentials  Bob receives a message with important information, purportedly from Alice.  How can Bob make sure that the message is really coming from Alice?  Charles might have forged the card to make it appear as if it from Alice.

8 Kommunikationsnetz Franken e.V. internet-security.ppt-8 (2000-11-26) 2000 © Maximilian Riegel Internet Security Providing identity by public key cryptography Source: Stephen Thomas; SSL and TLS Essentials  Reversible public key algorithms such as RSA (Rivest Shamir Adleman) can be used for digital equivalent of a signature.  Bob enciphers the message with his private key and sends the information to Alice.  Alice can use the public key of Bob known to her to decipher the message to check whether the message is really from Bob.

9 Kommunikationsnetz Franken e.V. internet-security.ppt-9 (2000-11-26) 2000 © Maximilian Riegel Internet Security Verifying information  Providing identity does not make sure the message has not altered by a man in the middle.  Using a hash function over the whole message, generating a message digest of it and enciphering the message digest by the private key of the author provides a digital signature allowing to check the identity as well as the integrity of the message.  The receiver decrypts the digital signature received together with the message and compares it to the message digest calculated locally. Source: Stephen Thomas; SSL and TLS Essentials

10 Kommunikationsnetz Franken e.V. internet-security.ppt-10 (2000-11-26) 2000 © Maximilian Riegel Internet Security Keeping secrets  Alice likes to send confidential information to Bob. It is extremely important, that no one other than Bob can get access to the plaintext information.  Charles might be extremely interested in this information taking any means to get access to the data. The weakest part might be the cipher key of the encryption. Source: Stephen Thomas; SSL and TLS Essentials

11 Kommunikationsnetz Franken e.V. internet-security.ppt-11 (2000-11-26) 2000 © Maximilian Riegel Internet Security Combining secret and public key cryptography  Keys used for symmetric encryption might be vulnerable.  Use of public key cryptography allows to establish a new symmetric key whenever data has to be send.  Alice generates a random number and uses the public key of Bob to encipher it and send it secret to Bob. Only Bob can decrypt the encrypted random number.  The Diffie-Hellman algorithm is another method to establish a secret key between two parties only using public messages. Source: Stephen Thomas; SSL and TLS Essentials

12 Kommunikationsnetz Franken e.V. internet-security.ppt-12 (2000-11-26) 2000 © Maximilian Riegel Internet Security Key management  Public key cryptography requires the reliable provisioning of the public keys. Digital signatures fully depend of the identity of the public keys.  Public key certificates are electronic documents allowing the check of the validity of someone's public key.  The public key of the Subject is signed by the private key of the Issuer. Signing means applying a hash function, generating a message digest and enciphering the message digest with the private key.  The issuer of certificates are traditionally known as Certificate Authorities (CA). A public key certificate

13 Kommunikationsnetz Franken e.V. internet-security.ppt-13 (2000-11-26) 2000 © Maximilian Riegel Internet Security Cryptography in the Internet Internet/Web Applications Internet link phy ip tcp http www link phy ip link phy ip link phy ip link phy ip link phy ip link phy ip link phy ip tcp http www Peer (Client) Peer (Server) Cryptography can be put into any layer providing end-to-end transparency.

14 Kommunikationsnetz Franken e.V. internet-security.ppt-14 (2000-11-26) 2000 © Maximilian Riegel Internet Security Security protocols HTML http tcp ip 802.2 user data appl. header tcp headerapplication data ip header Ethernetip headertcp headerappl. headeruser data TCP segment IP datagramm Ethernet frame 64 - 1500 bytes 14 bytes20 bytes ipsec ssl, tls, ssh pgp Key Management

Download ppt "Internet-security.ppt-1 (2000-11-26) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Cryptography and Network Security

Cryptography and Network Security
Security S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.

Security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.

Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
Cryptographic Security Presented by: Josh Baker October 9 th, 2012 1CS5204 – Operating Systems.

Cryptographic Security Presented by: Josh Baker October 9 th, CS5204 – Operating Systems.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

Similar presentations

Ads by Google