Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security CNS 4650 Fall 2004 Rev. 2 SSL, SASL, PKI.

Published byKelley Sanders Modified over 8 years ago

Similar presentations

Presentation on theme: "Security CNS 4650 Fall 2004 Rev. 2 SSL, SASL, PKI."— Presentation transcript:

1 Security CNS 4650 Fall 2004 Rev. 2 SSL, SASL, PKI

2 Encryption Symmetric Shared-secret Password Most common form of general cryptography Asymmetric Public/Private Key

3 Symmetric User supplied password Examples DES AES MD5 Crypt Cleartext password goes in and comes out as a hash

4 Symmetric Example: MD5 %openssl passwd -1 -salt "test" -stdin password $1$test$28Tmd0tsvqI1Eq.TDxcaq/ Password: password Resulting hash: 28Tmd0tsvqI1Eq.TDxcaq/

5 Assymmetric Public key is derived from Private key Data encrypted with Public key can only be decrypted with Private and vice vesa Example RSA ElGamiel

6 Assymetric Example: x509 certificate %openssl x509 -inform DER -text -in root.der Certificate: Data: Version: 3 (0x2) Serial Number: 0 (0x0) Signature Algorithm: md5WithRSAEncryption Issuer: C=US, ST=Utah, L=Orem, O=Apple, OU=Edu, CN=dsinema root CA/emailAddress=dsinema@apple.com Validity Not Before: Jun 14 18:19:48 2004 GMT Not After : Jul 14 18:19:48 2004 GMT Subject: C=US, ST=Utah, L=Orem, O=Apple, OU=Edu, CN=dsinema root CA/emailAddress=dsinema@apple.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:ce:eb:78:66:c8:cf:a2:ab:39:9c:35:2b:3f:2e: 4e:bb:c8:cd:e3:3f:c2:67:5e:81:07:d6:ea:1d:75: 79:37:8f:e6:d8:92:e5:c2:15:d4:34:10:81:7b:d3: 24:18:ae:59:b3:52:8f:27:d9:9b:5b:fd:6d:9a:f1: e9:f5:c9:0d:6c:e4:60:35:ce:07:e4:02:c8:4a:92: 0b:bb:1c:d6:4f:f8:88:fa:d1:63:7b:da:49:80:90: b9:a4:19:ee:02:32:0b:c2:ad:45:30:49:2e:b1:1c:

7 Basics of SSL Client sends handshake to the server Server replies with a certificate Key exchange and negotiation Data transfer Optionally Client can be required to provide certificate

8 SSL

9 SASL Simple Authentication and Security Layer RFC 2222 Plug-able authentication scheme Client/Server negotiate auth mechanism Can also negotiate a security layer Such as SSL/TLS

10 SASL cont. Defines Kerberos v4 GSSAPI (Kerberos 5) S/Key External

11 PKI A world wide “authentication” model SSL/TLS uses PKI Trusted third party authenticates the server and issues certificates for the server Third party can: Set expiration dates on certificate Revoke certificates Certificates Authorities Thwate RSA

Download ppt "Security CNS 4650 Fall 2004 Rev. 2 SSL, SASL, PKI."

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.

PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.

CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.
CP3397 ECommerce.

CP3397 ECommerce.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Cryptography and Network Security

Cryptography and Network Security
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
Grid Computing Basics From the perspective of security or An Introduction to Certificates.

Grid Computing Basics From the perspective of security or An Introduction to Certificates.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.

Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.
Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.

Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications

Similar presentations

Ads by Google