Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06

Learning outcomes
At the end of this session, you should be able to:
– Explain the importance of message authentication on Internet communications
– Describe message authentication with and without message encryption and identify its uses
– Explain the operation of simple hash functions and secure hash functions
– Describe the main parameters of MD5 and SHA1

Introduction
Message authentication is necessary to:
– Make sure that the message was transmitted properly
– Make sure that no content was altered or deleted during transmission
– Protect users against active attacks

Message authentication strategies
Authentication & symmetric encryption
– Simply encrypt the message using a symmetric encryption algorithm
– Assume only the receiver and the sender know the key
– Advantages: Message confidentiality is kept
– Disadvantages: Computationally expensive
– Uses: Transmission of critical information

Authentication using message digests
– A digest is a code generated using the message content that is appended at the end of the message. When the message is received, the digest is regenerated and compared with the message received
– Message digests are usually encrypted
– Advantages: Computationally cheaper
– Disadvantages: Compromises message confidentiality
– Uses: Transmission of non-critical information; transmission of delay-sensitive information

Message Authentication Code (MAC)
– The message content and a secret key are used to generate a small block of data appended to the message
– DES is used to encrypt the message and the last bits of the encrypted message act as a MAC
– Advantages: No decryption is necessary
– Disadvantages: It is as computationally expensive as DES

Hash functions
A hash function is a fingerprint of a message, file or block of data
A hash function used for message authentication must have the following properties:
– It can be applied to messages of any size
– It must produce a fixed length output regardless of the size of the input
– The computational complexity to find the output must be reasonable
– The output must always be different from the input
– For a given message, it must be computationally infeasible to find another message with the same output
– For a pair of messages, it must be computationally infeasible to find equal outputs

Examples of Secure Hash Functions
SHA-1
– Developed by NIST, published in FIPS PUB 180 in 1993; revision FIPS PUB issued in 1995
– Maximum input message of 2^64 bits
– Message digest of 160 bits
– Input processed in 512-bit blocks
MD5
– Specified in RFC 1321
– No maximum input message length
– Message digest of 128 bits
– Input processed in 512-bit blocks

Examples of Secure Hash Functions
RIPEMD-160
– Developed by European researchers trying to break MD4 and MD5
– No maximum input message length
– Message digest of 160 bits
– Input processed in 512-bit blocks
HMAC
– Cryptographic hash function (combination of MAC and SHA-1)
– Specified in RFC
– HMAC is as computationally expensive as the hash function employed (SHA-1)
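The difference between a plain appended digest and a keyed MAC, as described in the message digest and HMAC slides, shown as an added example that is not part of the original slides. The key, the messages and the function names are constructed for illustration; SHA-1 is used only because the slides name it.

```python
import hashlib
import hmac

def digest_tag(message: bytes) -> bytes:
    """Unkeyed SHA-1 digest appended to the message (no secret involved)."""
    return hashlib.sha1(message).digest()

def mac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC over the message with a secret key shared by sender and receiver."""
    return hmac.new(key, message, hashlib.sha1).digest()

def verify_digest(message: bytes, tag: bytes) -> bool:
    # Receiver regenerates the digest and compares it with the one received.
    return hmac.compare_digest(digest_tag(message), tag)

def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # Same regenerate-and-compare step, but the tag depends on the key.
    # compare_digest runs in constant time, so it leaks no timing hints.
    return hmac.compare_digest(mac_tag(key, message), tag)

# Constructed sample data (hypothetical key and messages).
KEY = b"constructed-shared-secret"
ORIGINAL = b"transfer 100 to account 42"
ALTERED = b"transfer 900 to account 42"

def demo() -> dict:
    r = {}
    # 1. Unmodified message: both checks pass.
    r["digest_ok"] = verify_digest(ORIGINAL, digest_tag(ORIGINAL))
    r["mac_ok"] = verify_mac(KEY, ORIGINAL, mac_tag(KEY, ORIGINAL))
    # 2. Content altered in transit, original tag kept: both checks fail.
    r["digest_flags_change"] = not verify_digest(ALTERED, digest_tag(ORIGINAL))
    r["mac_flags_change"] = not verify_mac(KEY, ALTERED, mac_tag(KEY, ORIGINAL))
    # 3. Tag regenerated after the change by someone without the key:
    #    an unprotected digest still verifies, the keyed MAC does not.
    r["regenerated_digest_accepted"] = verify_digest(ALTERED, digest_tag(ALTERED))
    r["mac_without_key_accepted"] = verify_mac(
        KEY, ALTERED, mac_tag(b"not-the-key", ALTERED))
    return r

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Case 3 is why the slides say message digests are usually encrypted: without a secret in the computation, the digest only detects accidental changes.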

Dr Alejandra Flores-Mosri Public-Key Cryptography Internet Management & Security 06
Learning outcomes
At the end of this session, you should be able to:
– Explain the uses of public-key cryptography
– Describe the operation of public-key cryptography
– Produce public and private keys using integer numbers
– Explain the RSA and Diffie-Hellman algorithms
– Identify the main issues on key management

Introduction
Proposed by Diffie and Hellman in 1976
Based on mathematical functions, not on bit operations
Used to encrypt messages
Main uses:
– Confidentiality
– Key distribution
– Authentication

Operation of public-key cryptography
Elements of public key cryptography:
– Message
– Encryption algorithm
– Public and private key
– Ciphertext
– Decryption algorithm

Characteristics of public-key algorithms
The following conditions must be met for a public-key algorithm:
– It must be computationally effective to generate both keys
– It must be easy for the sending party to encrypt a message knowing the public key
– It must be computationally effective to decrypt the message using the private key
– It must be computationally infeasible to determine the private key

RSA public-key encryption algorithm
– Developed by Rivest, Shamir and Adleman in 1977
– Most widely accepted public-key encryption algorithm
– In RSA the message, ciphertext and keys are represented as integer numbers

RSA operation
$C = M^e \bmod n$
$M = C^d \bmod n = (M^e)^d \bmod n = M^{ed} \bmod n$
0 < M & C < n
Public key: e, n
Private key: d, n
e and n must be large values for the algorithm to be robust

RSA steps
1. Select two arbitrary (preferably large) prime numbers p and q
2. n = pq
3. Calculate Φ(n) = (p-1)(q-1)
4. Select an integer e such that e is a relative prime of Φ(n)
5. Calculate d such that de mod Φ(n) = 1
6. Private key: e, n
7. Public key: d, n
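Steps 1 to 5 carried through with small integers, as an added example that is not part of the original slides. The keys are labelled as on the RSA operation slide (public key e, n; private key d, n); the primes, exponent and message are constructed toy values, the function names are illustrative, and no padding is applied.

```python
from math import gcd

def is_prime(k: int) -> bool:
    """Trial division; adequate only for the toy sizes used here."""
    return k > 1 and all(k % i for i in range(2, int(k ** 0.5) + 1))

def mod_inverse(a: int, m: int) -> int:
    """Extended Euclid: return d such that (d * a) mod m == 1."""
    old_r, r, old_s, s = a, m, 1, 0
    while r:
        quot = old_r // r
        old_r, r = r, old_r - quot * r
        old_s, s = s, old_s - quot * s
    if old_r != 1:
        raise ValueError("no inverse: a and m are not relatively prime")
    return old_s % m

def rsa_keygen(p: int, q: int, e: int):
    """Steps 1-5 of the slide; returns ((e, n), (d, n))."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")    # step 1
    n = p * q                                                   # step 2
    phi = (p - 1) * (q - 1)                                     # step 3
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")  # step 4
    d = mod_inverse(e, phi)                  # step 5: d*e mod phi(n) = 1
    return (e, n), (d, n)

def rsa_encrypt(m: int, public: tuple) -> int:
    e, n = public
    if not 0 < m < n:
        raise ValueError("message must satisfy 0 < M < n")
    return pow(m, e, n)                      # C = M^e mod n

def rsa_decrypt(c: int, private: tuple) -> int:
    d, n = private
    return pow(c, d, n)                      # M = C^d mod n

# Constructed toy parameters; real keys use primes hundreds of digits long.
PUBLIC, PRIVATE = rsa_keygen(p=17, q=11, e=7)
CIPHERTEXT = rsa_encrypt(88, PUBLIC)
RECOVERED = rsa_decrypt(CIPHERTEXT, PRIVATE)

if __name__ == "__main__":
    print("public:", PUBLIC, "private:", PRIVATE)
    print("M=88 -> C =", CIPHERTEXT, "-> M =", RECOVERED)
```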

Key management
Public-key certificates
– Public keys are public, but they need to be authenticated
– Public-key certificates are public keys plus a user ID signed by a Certificate Authority (CA)
– Any user trying to verify the authenticity of a public key can get the appropriate certificate from the CA and validate the public key

Key management
Distribution of secret keys
– Public key algorithms can be used to distribute secret symmetric keys
– Encrypt the secret key with a one-time only session key
– Encrypt the session key using a trusted certified public-key
– Attach the encrypted session key to the encrypted session key and send both of them

Resources
– Stallings W., Network Security Essentials, 2nd Edition, Prentice Hall, 2002 (Chapter 3)
– FIPS – Secure Hash Standard
– Schneier on Security: SHA-1 broken
– RFC 1321 MD5 Message Digest Algorithm
– RFC 2104 HMAC: Keyed-Hashing for Message Authentication
– RSA Laboratories
– RFC 2631 Diffie-Hellman Key Agreement Method