Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Published byCody Gordon Modified over 8 years ago

Similar presentations

Presentation on theme: "Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding."— Presentation transcript:

1 Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding

2 RSA algorithm The most famous algorithm to handle public key encryption is the RSA algorithm. Named after its founders (Ron Rivest, Adi Shamir and Leonard Adelman). There are two interrelated components in RSA: Choice of the public key and the private key. The encryption and decryption algorithm. 2

3 RSA algorithm RSA algorithm is based on mathematical exponentiations, which are very time consuming. In comparison to DES, RSA is more than 100 times slower in software and between 1,000 to 10,000 times slower in hardware than DES. Because of this disadvantage in RSA, it is usually used in combination with DES. (i.e. RSA will be used first to encrypt and send the DES secret key. later, the messages between the sender and the receiver will be encrypted using the shared secret key). A similar technique is used in SSL protocol. 3

4 Signature Handwritten signature is used to authenticate the identity of the sender, to guarantee that the message have not been changed. It is also used as an evidence against sender repudiation. Digital Signature is the electronic equivalent of the written signature.

5 Digital signature and message integrity Encryption and decryption essentially used to achieve confidentiality. But they are computationally expensive and in many cases confidentiality is not needed. For example, two routers exchanging routing tables doesn’t need secrecy, instead they need to authenticate the sender and to ensure that the message has not been changed en route (message integrity). This is why digital signature is used. 5

6 Digital signature In the case of symmetric key, there is a single shared secret key. The fact that the sender knows the secret key implicitly identifies the sender to the receiver. In the case of public key cryptography, however, this is no longer true since anyone can claim to be Ali, encrypt and send a message to Bacil using Bacil’s public key. To solve this problem, Digital Signature was developed. 6

7 Digital signature We can carryout digital signature by encrypting data with the private key of the sender. ( and If we want to achieve confidentiality too, we have also to encrypt the result with the public key of the receiver). This is not a good idea. Why ?

8 Digital signature A more efficient approach is to use the “Message Digest” technique. Message Digest (sometimes called Hash Value) is a somehow like a checksum, used to ensure that the message was not changed en route. Message Algorithm (sometimes called Hash Function) is an algorithm that takes a message m and compute a fixed length fingerprint of data from it, known as “message digest”, H(m).

9 Digital signature The idea here is that the message digest H(m) of the message m is an indicator of whether the message has been changed during transmission or not. - If m is changed to m`, we will find that H(m) ≠ H(m`) - In fact, any change in m will result in completely different H(m) - The chance that two different messages may have the same H(m) is almost imposible, and it is unfeasible to compute m from its H(m).

10 Digital signature Lets suppose that Ali wants to sign a message to ensure that Bacil will receive it unchanged. - If the H(m) computed at the receiver and the H(m) received are equal this confirms that the message was not changed during transmission. (message integrity). - Since the H(m) was encrypted using the private key of the sender, this authenticate the sender. * This is basicly the digital signature. Retrieve m and H(m), then calculate H(m) for m. Compare the computed H(m) with the received H(m) If they are equal, the message was not changed. Calculate H(m) of the message m. Then encrypt H(m) using Ali’s private key Ali Bacil m plain or encrypted with B’s public key + H(m) encryped with A’s private key Insecure Channel

11 Standards for hash functions: The Secure Hash Algorithm (SHA-1): this algorithm produces a message digest of 160 bit from message. The MD5: produces 128 bit message digest. The Digital Signature Algorithm (DSA): adopted by the government of the United States. * Many countries put laws making digital signature as legally binding as normal handwritten signature.

12 Key distribution and certification The main disadvantage in symmetric key cryptography is the need for the two communicating parties to agree upon the secret key before they begin to communicate. In public key cryptography there is no need to agree on a secret key on advance. But one of the problems in public key cryptography is about obtaining securely the public key. (In other words, how can you be sure that the public key of Ali is really belongs to Ali, not to someone else claiming that he is Ali). These problems can be solved using a trusted intermediary.

13 Key distribution and certification The trusted intermediary for the symmetric key cryptography is called a Key Distribution Center (KDC). It is a server that is used to establish a symmetric key by one party and then send it securely to the other party. For example, Kerberos. The trusted intermediary for the asymmetric key cryptography is called Certification Authority (CA). The Certification Authority certifies that a public key really belongs to a particular entity. CA’s job is to validate identities and to issue certificates. The certificate binds a public key to its owner. (The certificate is also digitally signed by the CA).

14 Certification The most famous format for certificates today is called X.509 With the recent boom in E-commerce, there has been increased interest in certification authorities. Among the companies providing CA services are Cybertrust, Netscape, Thawte and VeriSign.

15 Certificates

Download ppt "Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Chapter 11: Cryptography

Chapter 11: Cryptography
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
Chapter 31 Network Security

Chapter 31 Network Security
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Similar presentations

Ads by Google