Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Key Distribution Protocol
- Uses symmetric and asymmetric algorithms so that each compensates for the other's weaknesses.
- Uses digital certificates, MD5 and a session key to meet the security goals of authenticity, integrity and confidentiality.

07/29/2009 Hybrid Crypto Systems CS691 Page 1/15

Symmetric Encryption
- One key for encryption and decryption.
- Faster than asymmetric cryptography.
- Some algorithms: DES, 3DES, Blowfish, AES.
- Key length: bits

Asymmetric Encryption
- Public key for encryption and private key for decryption.
- Key management is easier than with symmetric cryptography.
- Some algorithms: RSA and ElGamal.
- Key length: at least 3072 bits to be secure.

Digital Certificate
- Verifies that a public key belongs to an individual.
- A self-signed certificate can be generated using openssl.
- A public key certificate signed by a trusted authority such as Thawte or Verisign can be requested.
- Digital certificates usually carry an expiration time.

Hybrid Crypto Protocol – Step 1
- Alice sends her digital certificate to Bob.
- Bob receives the certificate and verifies it with the CA's public key.

Hybrid Crypto Protocol – Step 2
- Bob sends his digital certificate to Alice.
- Alice receives Bob's certificate and verifies it with the CA.

Hybrid Crypto Protocol – Step 3
- Alice encrypts a nonce and a unique identifier with Bob's public key and sends them to Bob.
- Bob decrypts the message from Alice with his private key, keeps the nonce value and verifies the unique identifier.

Hybrid Crypto Protocol – Step 4
- Bob sends the nonce value he received from Alice together with his own nonce value, encrypted with Alice's public key.
- Alice decrypts the message with her secret (private) key and verifies the nonce value returned by Bob. This assures her that the correspondent is Bob, because only Bob could have decrypted the Step 3 message that carried it.

Hybrid Crypto Protocol – Step 5
- Alice sends the secret key (session key) together with the nonce value from Bob, encrypted with Bob's public key, to ensure that Bob is the only one who can read the message and to assure Bob that the sender is Alice.
- Bob receives the message and decrypts it with his private key. He compares the incoming nonce with the one he originally sent to confirm that the correspondent is Alice.
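
The nonce and identifier checks of Steps 3 to 5, written out as an added example that is not part of the original slides. It assumes the certificates of Steps 1 and 2 are already verified, 8-byte nonces, a 16-byte session key, and textbook RSA over small fixed primes standing in for certified keys; `keypair`, `enc`, `dec` and `run_exchange` are hypothetical names.

```python
import secrets

E = 65537
# Assumption: toy RSA moduli built from Mersenne primes, with no padding, so the
# example needs only the standard library. Far too weak for real use (the slides ask for >= 3072 bits).
ALICE_PQ = (2**107 - 1, 2**61 - 1)
BOB_PQ = (2**127 - 1, 2**89 - 1)

def keypair(p, q):
    """Return ((n, e), (n, d)) for textbook RSA."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def enc(pub, data):
    m = int.from_bytes(b"\x01" + data, "big")  # 0x01 prefix preserves leading zero bytes
    if m >= pub[0]:
        raise ValueError("message too long for modulus")
    return pow(m, pub[1], pub[0])

def dec(priv, c):
    m = pow(c, priv[1], priv[0])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]

def run_exchange(alice, bob, sent_id=b"alice", cert_id=b"alice", impostor=False):
    """Run Steps 3-5; return (Alice's key, Bob's key) or raise ValueError."""
    (a_pub, a_priv), (b_pub, b_priv) = alice, bob
    # Step 3: Alice -> Bob: {Na, ID_A} under Bob's public key.
    na = secrets.token_bytes(8)
    m3 = enc(b_pub, na + sent_id)
    if impostor:  # a responder without Bob's private key cannot read m3 and must guess Na
        na_seen = secrets.token_bytes(8)
    else:
        p3 = dec(b_priv, m3)
        na_seen, ident = p3[:8], p3[8:]
        if not secrets.compare_digest(ident, cert_id):
            raise ValueError("step 3: identifier does not match certificate")
    # Step 4: Bob -> Alice: {Na, Nb} under Alice's public key.
    nb = secrets.token_bytes(8)
    p4 = dec(a_priv, enc(a_pub, na_seen + nb))
    if not secrets.compare_digest(p4[:8], na):
        raise ValueError("step 4: Na mismatch, responder is not Bob")
    # Step 5: Alice -> Bob: {Ks, Nb} under Bob's public key.
    ks = secrets.token_bytes(16)
    p5 = dec(b_priv, enc(b_pub, ks + p4[8:]))
    if not secrets.compare_digest(p5[16:], nb):
        raise ValueError("step 5: Nb mismatch, initiator is not Alice")
    return ks, p5[:16]
```

Calling `run_exchange(keypair(*ALICE_PQ), keypair(*BOB_PQ))` returns the same session key for both sides; `impostor=True` or a `sent_id` that differs from `cert_id` aborts at the step named in the error.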

Discussion
- Is it possible for an attacker to break in the middle?
- What if the attacker has compromised the CA?

Conclusion
- Securely transmits the private key with mutual authentication and a trusted third party.
- Provides confidentiality, authenticity and integrity.
