Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

Information Security of Embedded Systems : Design of Secure Systems Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Information Security of Embedded Systems : Embedded Systems Design Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Public Key Infrastructure and Applications
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Information Security of Embedded Systems : Public Key Cryptosystems, Communication Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
Information Security of Embedded Systems : remote access, wireless networks Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Information Security of Embedded Systems : BAN-Logic Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Chapter 20: Network Security Business Data Communications, 4e.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
每时每刻 可信安全 1The DES algorithm is an example of what type of cryptography? A Secret Key B Two-key C Asymmetric Key D Public Key A.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Chapter 21 Distributed System Security Copyright © 2008.
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav
Chapter 4 Using Encryption in Cryptographic Protocols & Practices.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
Digital Signatures, Message Digest and Authentication Week-9.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Computer and Network Security - Message Digests, Kerberos, PKI –
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
6.033 Quiz3 Review Spring How can we achieve security? Authenticate agent’s identity Verify the integrity of the request Check the agent’s authorization.
Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Fundamentals of Network Security Ravi Mukkamala SCI 101 October 6, 2003.
Fourth Edition by William Stallings Lecture slides by Lawrie Brown
Security Outline Encryption Algorithms Authentication Protocols
Cryptography Why Cryptography Symmetric Encryption
Computer Communication & Networks
Security.
Lecture 4 - Cryptography
Install AD Certificate Services
Presentation transcript:

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST

Embedded Security © Prof. Dr. H. Schlingloff Structure 1. Introductory example 2. Embedded systems engineering 1.definitions and terms 2.design principles 3. Foundations of security 1.threats, attacks, measures 2.construction of safe systems 4. Design of secure systems 1.design challenges 2.safety modelling and assessment 3.cryptographic algorithms 5. Communication of embedded systems 1.remote access 2.sensor networks 6. Algorithms and measures 1.digital signatures 2.key management 3.authentication 4.authorization 7. Formal methods for security 1.protocol verification 2.logics and proof methods

Embedded Security © Prof. Dr. H. Schlingloff Digital Signatures Public-key cryptography  A publishes his/her public key on his blog, mail and web site  If A encodes some text with the private key, anybody can decrypt it with this public key (or, vice versa, anybody encrypts with public key)  Hence, if we trust in A’s private key’s privacy, we know that A must have encrypted it (or, vice versa, only A can read it)  Or do we? Public key cryptography – privacy  no unauthorized reading of content Hash codes – integrity  no modification of messages Digital signatures – authenticity  no faking of sender’s identity

Embedded Security © Prof. Dr. H. Schlingloff Digital Certificates and Key Integrity Problem in the above approach: attribution of private key to a person (attacker can generate a key and substitute it) Authenticity of public key? Solutions:  social processes (e.g., ebay)  guaranteed by trust centre or other certification authority Technique  TC generates public/private key pair K A E, K A D for A  TC signs public key K A D by encoding it with its own private key K TC E  A receives K A E and {K A D }K TC E  B can check authenticity of {K A D }K TC E via K TC D  problem: authenticity of K TC E !

Embedded Security © Prof. Dr. H. Schlingloff PKI (public key infrastructure) Functionality of a “real” signature:  identification of signed  originality of document  contract, agreement to content  emphasis of importance Problems: forged signatures, fax machines, signature machines Hierarchy of certification authorities (witnesses, notary etc) Digital equivalents: Hierarchy of certification authorities (Trust centre, BSI) Personalisation of private key (smart cards, picture ID) Inhibit publication or transfer of private key by  black lists, white lists  penalties  legal measures

Embedded Security © Prof. Dr. H. Schlingloff Key exchange and -management Problem of authenticity of the communication partners: How do communication partners know their mutual identity? (the same problem appears in ordinary surface mail) Solutions  Personalausweis, social security card  smart cards and trust centres: a trustworthy third party. User inserts card into machine, types in his PIN, the rest is automated Which protocols/algorithms are used? Def.: A protocol is a distributed algorithm involving several parties, which is defined by a sequence of steps which fix the actions and messages between the parties to achieve the desired goal

Embedded Security © Prof. Dr. H. Schlingloff Key Establishment Def.: Key establishment (Schlüsselfestlegung) is the process or protocol to establish a common secret between two or more parties for later cryptographic use Two variants of key establishment:  Key transport (Schlüsselaustausch) - One party creates the key and sends it to the other(s)  Key agreement (Schlüsselvereinbarung) - The key is calculated by all involved parties from information contributed by all parties. Keys by itself can be symmetric or asymmetric, and dynamic (for one session only) or static (a priori, for several sessions)

Embedded Security © Prof. Dr. H. Schlingloff Prerequisites for key establishment Trusted third party (Trusted server, authentication server) S  stepwise building of trust Assumptions on A and S, e.g., each communication partner A received from S a key which is only known to A and S  A must identify him/herself personally with S  S must keep the key secret (prevention against house braking, burglary, fraud,...)  A must keep the key secret (e.g. by SmartCard+PIN; legal consequences) Assumptions on attackers  recording, modification, deletion, detour, or replay of packets  initiation of the protocol or interference with it  no possibility for cryptanalysis  known-key-attack: does a breaking of the key for one session lead to the possibility of calculating subsequent keys?

Embedded Security © Prof. Dr. H. Schlingloff Protocols for key exchange

Embedded Security © Prof. Dr. H. Schlingloff Exchange of symmetric keys with authentication server

Embedded Security © Prof. Dr. H. Schlingloff

Embedded Security © Prof. Dr. H. Schlingloff Key Agreement

Embedded Security © Prof. Dr. H. Schlingloff Symmetric keys with authentication server

Embedded Security © Prof. Dr. H. Schlingloff Kerberos key distribution protocol

Embedded Security © Prof. Dr. H. Schlingloff

Embedded Security © Prof. Dr. H. Schlingloff A protocol with asymmetric keys

Embedded Security © Prof. Dr. H. Schlingloff

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.