Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.


Presentation Overview
- Introduction
- Public-key cryptography: RSA
- Secret-key cryptography: DES
- The SSL protocol
- Open discussion

Introduction
- Privacy
  - Keeping communication contents secret, known to a predetermined set of people, unknown to others
- Security
  - A means to achieve privacy
  - An attempt against attacks like: eavesdropping, tampering, message replay
  - Tools: cryptography, secure protocol

Some security attack scenarios
- Eavesdropping: Peter sends Mary "Let's meet at 5pm, old place"; Tom listens in ("hee hee…").
- Tampering: Peter sends "Let's meet at 5pm, old place"; Tom changes it, and Mary receives "Let's meet at 3pm, old place".
- Replaying: Peter sends Mary "Let's meet at 3pm today", and Tom captures it. One day later, Tom sends Mary "Let's meet at 3pm today" again.

Cryptography
- Transformation of data into a secret form that is infeasible to read without knowledge of a shared secret (a key)
- Achieve privacy by making information hidden to people who don't know the key
- Encryption key and decryption key may be the same (secret-key cryptography) or different (public-key cryptography)
[Diagram: Data -> encryption -> Secret-form data -> decryption -> Data]

Private Key Cryptography
- The same key is used for both encryption and decryption
- One technique: block ciphers
  - transform fixed-length blocks of plain-text data into fixed-length blocks of cipher-text (secret-form) data
- An example: DES (Data Encryption Standard)
[Diagram: Plain-text block 1, Plain-text block 2, Plain-text block 3, ... -> Encrypt using key K -> Cipher-text block 1, Cipher-text block 2, Cipher-text block 3, ...]

DES
- Data Encryption Standard, also known as Data Encryption Algorithm (DEA)
- Developed by IBM, refined by NBS
- Block size of 64 bits, key size of 56 bits
- 16 rounds of Feistel ciphers:
  [Diagram: Plain-text block -> Round 1 -> Round 2 -> ... -> Round 16 -> Cipher-text block]
- The most widely used block cipher, but being replaced by AES (Advanced Encryption Standard)

Private Key Cryptography
- Stream ciphers (e.g., RC4)
  - transform plain-text data into cipher-text data bit by bit, and vice versa
  - can be much faster than block ciphers, but less secure
- Message Authentication Codes (MAC)
  - a checksum obtained by applying an authentication scheme (DES, RC4, etc.) and a secret key to a message
  - the recipient verifies the integrity of the message by calculating the MAC with the secret key again

Public Key Cryptography
- Encryption and decryption use different keys
- A popular method: RSA
- RSA key generation:
  - Find 2 large prime numbers p, q
  - Choose d relatively prime to z = (p-1)(q-1)
  - Find e such that e × d = 1 mod z
  - Let n = pq
  - Public key: (n, e); Private key: (n, d)
  - Encrypting message M: E(M) = M^e mod n
  - Decrypting cipher-text c: D(c) = c^d mod n

RSA: An Example
- Pick p = 5, q = 7, z = 24, n = 35
- Choose d = 5, relatively prime to z
- 1 mod z = 1, 25, 49, 73, 97, 121,
- Pick e = 145 / d = 29
- Public key (35, 29); Private key (35, 5)
- Encrypting message M = 10: E(M) = mod 35 = 5
- VERIFY: Decrypting cipher-text c = 5: D(c) = 5^5 mod 35 = 3125 mod 35 = 10 = M
- In practice, much larger primes p, q are used
- The security provided by RSA relies on the fact that it is computationally infeasible to factor a large number n to find out p, q, and hence z, e

Digital Signatures, Certificates
- Digital signature
  - The recipient verifies the signature by decrypting the signature with the sender's public key, and compares the decrypted message with M
- Certificate
  - A digitally signed public key
  - Used to verify a claimed-to-be public key of an entity
[Diagram: Message M, followed by M encrypted with sender's private key]
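The RSA key-generation steps, the p = 5, q = 7 example and the signature check above, carried through in Python. This is an added example, not part of the original slides; the function names are made up for illustration, and it is textbook RSA with no padding and toy primes.

```python
# Added example: textbook RSA in the slides' notation (p, q, z, n, d, e).
# Function names are hypothetical; no padding, toy primes, illustration only.
from math import gcd

def keygen(p, q, d):
    """Slide procedure: choose d coprime to z, then find e with e*d = 1 mod z."""
    z, n = (p - 1) * (q - 1), p * q
    if gcd(d, z) != 1:
        raise ValueError("d must be relatively prime to z")
    # Walk 1+z, 1+2z, ... (25, 49, 73, ...) until one is divisible by d.
    # Skip the candidate that gives e == d so the two exponents differ.
    k = 1
    while (1 + k * z) % d != 0 or (1 + k * z) // d == d:
        k += 1
    return (n, (1 + k * z) // d), (n, d)      # (public, private)

def encrypt(m, public):
    n, e = public
    return pow(m, e, n)                        # E(M) = M^e mod n

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)                        # D(c) = c^d mod n

def sign(m, private):
    return decrypt(m, private)                 # M "encrypted" with the private key

def verify(m, signature, public):
    return encrypt(signature, public) == m     # recover M with the public key, compare

def recover_private_exponent(public):
    """Why toy primes give no security: factor n, rebuild z, invert e."""
    n, e = public
    p = next(f for f in range(2, n) if n % f == 0)
    z = (p - 1) * (n // p - 1)
    return pow(e, -1, z)                       # modular inverse, Python 3.8+

if __name__ == "__main__":
    public, private = keygen(5, 7, 5)
    print(public, private, encrypt(10, public), decrypt(5, private))
    print(verify(10, sign(10, private), public), recover_private_exponent(public))
```

With n = 35 the trial division in `recover_private_exponent` finishes instantly, which is the reason the slides call for much larger primes.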

SSL Protocol
- Secure Socket Layer, developed by Netscape Corporation
- Aims to provide privacy and reliability between two communicating applications
- Overview:
  [Diagram: Application 1 (e.g., telnet, ftp) and Application 2 each run the application data protocol and the SSL handshake protocol on top of the SSL record protocol; the two record protocol layers communicate over a reliable transport protocol (e.g., TCP)]

SSL Protocol
- Record protocol
  - encapsulates higher level protocols
  - divides messages into blocks
  - compresses message blocks
  - applies MAC to message blocks
  - encrypts and transmits message blocks
- SSL handshake protocol
  - allows the client to authenticate the server, and the server to authenticate the client
  - negotiates an encryption algorithm and key for application data transmission
- Application data protocol
  - transmits data from applications to the record layer, which then sends the data securely
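The "divide messages into blocks" and "applies MAC to message blocks" steps of the record protocol, run against the tampering and replay scenarios from the earlier slide. This is an added Python example, not part of the original slides: HMAC-SHA256 stands in for the MAC, compression and encryption are left out, and the key, block size, per-record sequence number and all names are assumptions of the sketch.

```python
# Added example: the MAC step of a record layer, with HMAC-SHA256 as a stand-in MAC.
import hashlib
import hmac

KEY = b"constructed-demo-mac-key"          # constructed; a real key comes from the handshake
MESSAGE = b"Let's meet at 5pm, old place"  # sample text from the attack-scenario slide
BLOCK_SIZE = 16                            # constructed, small so the sample spans 2 records

def record_mac(key, seq, block):
    # The sequence number is MACed with the block, so a valid record is only
    # valid at one position in the stream.
    return hmac.new(key, seq.to_bytes(8, "big") + block, hashlib.sha256).digest()

def protect(key, message):
    """Sender: divide the message into blocks and attach a MAC to each one."""
    blocks = [message[i:i + BLOCK_SIZE] for i in range(0, len(message), BLOCK_SIZE)]
    return [(block, record_mac(key, seq, block)) for seq, block in enumerate(blocks)]

class Receiver:
    def __init__(self, key):
        self.key, self.next_seq = key, 0

    def accept(self, record):
        """Return the block if its MAC matches the expected sequence number, else None."""
        block, tag = record
        expected = record_mac(self.key, self.next_seq, block)
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None
        self.next_seq += 1
        return block

def run_scenarios():
    records = protect(KEY, MESSAGE)
    honest = Receiver(KEY)
    delivered = b"".join(honest.accept(r) for r in records)
    block, tag = records[0]
    tampered = Receiver(KEY).accept((block.replace(b"5", b"3"), tag))  # 5pm -> 3pm
    replayed = honest.accept(records[0])   # old record resent after the stream has moved on
    return delivered, tampered, replayed
```

The receiver rejects both the altered block and the resent record because neither MAC matches what it computes for the position it expects next.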

SSL Handshake Protocol
CLIENT: Hello! I want to connect with you. I understand encryption algorithms like DES, RC4, IDEA, etc.…
SERVER: Hello, then let's use DES. This is my certificate with my public key on it. Please check.
(Client verifies server's public key...)
CLIENT: Alright, I've generated a DES master key. Here I encrypt it with your public key and send it to you. I'm finished.
(Server decrypts the DES key received from client…)
SERVER: Ok, I received your key. I'm finished.
CLIENT and SERVER: Data encrypted with the DES master key

SSL Protocol
- How does it achieve privacy?
  - All data are encrypted during transmission; therefore, eavesdropping is useless unless the eavesdropper knows how to decrypt the message
  - Moreover, an attacker will not be able to tamper with a message because he does not know how to encrypt it
  - A session-id is assigned by the server to each connection, so that an attacker cannot pretend to be the client later by replaying the message

Summary
- We introduced basic cryptographic techniques, DES and RSA, and their application in MAC, digital signatures and certificates
- We introduced the SSL protocol developed by Netscape Corp. as a secure protocol for data transmission