Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography: Digital Signatures Message Digests Authentication

Published byPaul Flowers Modified over 8 years ago

Similar presentations

Presentation on theme: "Cryptography: Digital Signatures Message Digests Authentication"— Presentation transcript:

1 Cryptography: Digital Signatures Message Digests Authentication
Security in Computing Cryptography: Digital Signatures Message Digests Authentication

2 Digital Signatures Non-repudiation (non-denial)
How do you legally prove who actually send you the message? Receiver can verify the claimed identity of sender Sender cannot later repudiate contents of the message Receiver cannot possibly have concocted message by himself/herself

3 Digital Signatures Purpose
Authenticity of legal / financial documents is determined by authorised handwritten signatures Photocopies may be forged and don’t count! Growing need for computing systems to replace physical transport of paper documents The problem is devising a method of “digital signatures” to be used as legal signatures

4 Digital Signatures Symmetric Scheme A, KA (B, RA, t, M)
Trusted Central Authority (CA) is needed CA shares secret key K with sender (Alice) and receiver (Bob): KA and Kb Alice (A)sends message (M)encrypted with her key (KA) to her banker Bob (B) via CA A, KA (B, RA, t, M) A = Alice’s identity; B = Bob’s identity; RA = Random number chosen by Alice; t = timestamp to ensure freshness KA(...) means the message is encrypted using the secret key Alice shares with CA

5 Digital Signatures CA sees message is from Alice and decrypts it using Alice’s secret key, KA CA then uses Bob’s secret, KB, to encrypt an extended message containing: Alice’s original plaintext message to Bob the “signed message” encrypted with CA’s secret key, KCA(A, t, M) Extended message is then sent to Bob KB (A, RA, t, M, KCA(A, t, M)) KA(...) means the message is encrypted using the secret key Alice shares with CA

6 Digital Signatures Verification: A case in Court
Alice later denies sending message to Bob Bob tells judge that CA will only accept message form Alice if encrypted with her key, KA Bob produces Exhibit 1: KCA(A, t, M)) Judge asks trustworthy CA to decrypt Exhibit I who also testifies that Bob is telling the truth Judge rules in favour of Bob, case dismissed!

7 Digital Signatures Problems Digital Signature Public key Scheme?
Replay attacks: Timestamp; random number Digital Signature Public key Scheme? Using timestamps throughout minimises the problem Based on timestamps old messages are rejected To guard against instant replay attacks Bob checks RA of every incoming message RA((Random number in Alice’s message) is checked to see if any other incoming message contains the same RA. If not then the assumption is that this is new message / request.

8 Message Digests Integrity One –way Hash function
Digital signatures couple together two distinct functions (criticism): “authentication” (i.e. verification) & secrecy “Authentication” is often needed but secrecy is not Message digests provide a more efficient approach to digital signatures

9 Message Digests Comparing Digital Signature and Message Digests
Digital Signature: A, KA(B, RA, t, M) (from Alice to Bob via CA) KB (A, RA, t, P, KCA(A, t, P)) (from CA to BOB) Extended message to Bob

10 Message Digests Message Digest Public Key Scheme? Message Digest:
Instead, consider CA computing a message digest MD(P) by applying MD to P KB ( A, RA, t, P KCA( A, t, MD (P) ) ) Thus, message digest MD(P) is signed and NOT P (computationally faster to do so) Message Digest Public Key Scheme?

11 Message Digests Applications
Message Digest 5 (MD5) / & MD6 are prominent by Ronald Rivest Secure Hash Algorithm (SHA-1) + newer versions of SHA-1 Others (Investigate)

12 Authentication Authentication Vs Digital Signatures
Digital Signatures guarantee non-repudiation at some point in the future Authentication – verifying someone’s identity during communication Authentication – how do you know it’s Alice and not Trudy (imposter) you are ‘talking’ to?

13 Authentication Authentication Vs Authorisation
Authorisation – what a process is permitted to do Server: Is Bob’s process allowed to delete a file ? Authentication – are you actually communicating with the process you think you are? Server: Needs to determine if this is Bob’s process

14 Authentication Based on shared secret key (symmetric)
Commonly known as challenge-response protocols Alice and Bob share secret key, KAB Alice or Bob sends a random number to the other Alice or Bob transforms it in some way and returns the result back to the other

15 Two way Authentication: challenge –response
Alice Bob A RB KAB (RB) RA This protocol contains five messages. Can it be shortened? Alice sends her identity to Bob Bob chooses a challenge to be sure this came from Alice and not Trudy The challenge Bob sends is a large random number RB as plaintext to Alice Alice encrypts message using shared secret key and sends ciphertext KAB(RB) to Bob Bob decrypts ciphertext and checks RB Bob is now sure he is talking to Alice and not Trudy (Trudy does not know KAB) *But Alice does not know she is talking to Bob (Trudy could have sent plaintext RB to Alice!) Therefore, Alice sends Bob her own RA and when Bob returns KAB(RA), Alice knows it’s from him To establish a session key (optional), Alice picks a session kye KS and sends Bob KAB (KS) *As far as Alice is concerned Trudy could have intercepted the first message (see diagram) and sent the random number to her. So Alice does same as what Bob did. KAB (RA) Source: A S Tanenbaum

Download ppt "Cryptography: Digital Signatures Message Digests Authentication"

Similar presentations

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.

Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.

 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Network Security Chapter 8 8.3 - 8.6. Computer Networks, Fifth Edition by Andrew Tanenbaum and David Wetherall, © Pearson Education-Prentice Hall, 2011.

Network Security Chapter Computer Networks, Fifth Edition by Andrew Tanenbaum and David Wetherall, © Pearson Education-Prentice Hall, 2011.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Similar presentations

Ads by Google