CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.

Slides:



Advertisements
Similar presentations
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Advertisements

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
Digital Signatures. Anononymity and the Internet.
PGP Overview 2004/11/30 Information-Center meeting peterkim.
Principles of Information Security, 2nd edition1 Cryptography.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an . How do we know who it’s from? address Can be spoofed.
Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptography and Internet Security How mathematics makes it safe to shop on-line John Lindsay Orr University of Nebraska - Lincoln.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues1 Lecture 9: E-commerce & Business r E-Commerce r Security Issues m Secure.
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
Elgamal Public Key Encryption CSCI 5857: Encoding and Encryption.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Enhancing Security with S/MIME Chuck Connell,
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
Networks and Security Monday, 10 th Week. Types of Attacks/Security Issues  Viruses  Worms  Macro Virus  Virus  Trojan Horse  Phishing 
Secure Socket Layer (SSL)
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
Linux Networking and Security Chapter 8 Making Data Secure.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Public-Key Cryptography CS110 Fall Conventional Encryption.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Public Key Encryption CS432 – Security in Computing Copyright © 2005, 2008 by Scott Orr and the Trustees of Indiana University.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.
Cryptography Dave Feinberg. Suppose I send an from to Who has access to that ? What if I want the.
1 Cryptography NOTES. 2 Secret Key Cryptography Single key used to encrypt and decrypt. Key must be known by both parties. Assuming we live in a hostile.
1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.
1 Normal executable Infected executable Sequence of program instructions Entry Original program Entry Jump Replication and payload Viruses.
Chapter 32 Internet Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
Encryption CS110: Computer Science and the Internet.
Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.
Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Introduction to Elliptic Curve Cryptography CSCI 5857: Encoding and Encryption.
RSA Pubic Key Encryption CSCI 5857: Encoding and Encryption.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Elgamal Public Key Encryption CSCI 5857: Encoding and Encryption.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Key management issues in PGP
Digital Signatures.
Public-key Cryptography
Public Key Infrastructure
Security at the Application Layer: PGP and S/MIME
Pooja programmer,cse department
ELECTRONIC MAIL SECURITY
ELECTRONIC MAIL SECURITY
Secure How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,
Public-Key, Digital Signatures, Management, Security
Unit 8 Network Security.
Fluency with Information Technology Lawrence Snyder
Presentation transcript:

CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted from Kurose & Ross, Computer Networking, Addison-Wesley, 2001.

An HTTP Request GET index.html HTTP/1.1 Host: Connection: close User-agent: Mozilla/4.0 Accept-language:en

Domain Name Translation  What is address???  Look it up! –Use a Domain Name Server –Translates a host name into an IP address

Routing  Routers –Internet ‘post offices’  Look at address, and send message ‘in the right direction’  Messages often take several ‘hops’ to get to their destination

HTTP Response HTTP/ OK Connection: close Date: Mon, 30 Sep 2002 Last-Modified: Mon, 23 Sep 2002 Content-Length: 6821 Content-Type: text/html …data data data …

Kinds of Messages  HTTP requests / responses   Instant Messages  Telnet sessions  Transactions (shopping, etc.)

Privacy  Any machine (router) along the path of the message can read it. –Message more like a postcard than a letter  Is this good??? –Of course not!  What can we do??? –Encrypt the messages

Cryptography  Need to figure out a way so the recipient can read the message, but nobody else.  Most common technique today: public key cryptography

Public Key Cryptography  Each person has a public key and a private key  The two keys ‘un-do’ each other –More on this in a minute  Public keys are publicly available on Key Servers (anyone can see / get them)

Sending a Message  Alice wants to send Bob a message  Alice gets Bob’s public key  Alice uses the key to encrypt her message  Bob gets the message, and uses his private key to decrypt it

Basic Idea  For a message encrypted using a given public key, the ONLY way to decrypt it is to use the corresponding private key  So, as long as Bob is the only one with his private key, he’s the only one that can read the message

Implementation  We want:  Efficient: –Encrypting with public key –Decrypting with private key  Intractable: –Decrypting without private key

RSA Algorithm  One way to do this:  Modular Exponentiation –Modular arithmetic – remainder stuff: 13 = 3 (mod 10) –Modular exponentiation: 4 3 = 64 = 4 (mod 10) This can be done efficiently

RSA Algorithm  Now, we need to pick numbers that ‘un-do’ each other’s exponentiation  For a mod of 10, 2 undoes itself: 0 3 = 0 (mod 10)5 3 = 125 = 5 (mod 10) 1 3 = 1 (mod 10)6 3 = 216 = 6 (mod 10) 2 3 = 8 (mod 10)7 3 = 343 = 3 (mod 10) 3 3 = 27 = 7 (mod 10)8 3 = 512 = 2 (mod 10) 4 3 = 64 = 4 (mod 10)9 3 = 729 = 9 (mod 10)

RSA Algorithm  So, our public key is {10, 3}  Private key is {2}  Encrypting a message: Let’s send 472 –Exponentiate each digit: 438  Decrypting a message: –Exponentiate again: 472

RSA Algorithm  Breaking RSA – know exponent, know modulus – just take the root –E.g. find cube root of 4 (mod 10)  Most public keys have very large numbers – ~150 digits.  Finding these roots is an intractable problem – bigger keys, harder problem!

Security and  Many products with built-in cryptographic protection  Outlook Express – S/MIME (Secure/Multipurpose Internet Mail Extension) Support  Other add-ons (choices for secret key methods, size of key, etc)  Pretty Good Privacy (PGP)

Encryption and Signatures  Encryption: encodes the message so that other users cannot read it  Signatures: let you emulate written signatures

To see more about getting a certificate:

Encrypting vs. Signing  Encrypt first, sign second: –Verify signatures before decrypting –Useful in automated verification systems  Sign first, encrypt second: –Decrypt before verifying signatures –Useful when plaintext is essence of the message.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.