Integrating Diffie-Hellman Key Exchange into the Digital Signature Algorithm IEEE Communications Letters, March 2004 Lein Harn, Manish Metha and Wen- Jung.

Slides:

Advertisements

Similar presentations

The Diffie-Hellman Algorithm

Advertisements

Public Key Infrastructure and Applications

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

Cryptography Basic (cont)

1 Security analysis of an enhanced authentication key exchange protocol Authors ： H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date ： 2005/5/20.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Analysis of Key Agreement Protocols Brita Vesterås Supervisor: Chik How Tan.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.

Chapter 9 Cryptographic Protocol Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Computer Science Public Key Management Lecture 5.

Information Security and Management 13. Digital Signatures and Authentication Protocols Chih-Hung Wang Fall

Lecture 8 Digital Signatures. This lecture considers techniques designed to provide the digital counterpart to a handwritten signature. A digital signature.

Bob can sign a message using a digital signature generation algorithm

1 ECE453 – Introduction to Computer Networks Lecture 19 – Network Security (II)

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.

Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.

Wireless and Security CSCI 5857: Encoding and Encryption.

TLS 1.2 and NIST SP A Tim Polk November 10, 2006.

Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.

Chapter 21 Distributed System Security Copyright © 2008.

Chapter 21 Public-Key Cryptography and Message Authentication.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

Cryptography and Network Security Chapter 13 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.

1 Number Theory and Advanced Cryptography 6. Digital Signature Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced Cryptography.

Csci5233 computer security & integrity 1 Cryptography: an overview.

11/26/2015 9:14 AM Midterm Grading Comments James Hook CS 591: Introduction to Computer Security.

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

Prepared by Dr. Lamiaa Elshenawy

IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.

Computer and Network Security - Message Digests, Kerberos, PKI –

Lecture 5.1: Message Authentication Codes, and Key Distribution

COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●

Secure Messenger Protocol using AES (Rijndael) Sang won, Lee

Cryptography Gerard Klonarides. What is cryptography? Symmetric Encryption Symmetric Encryption Asymmetric Encryption Asymmetric Encryption Other cryptography.

Jump to first page Internet Security in Perspective Yong Cao December 2000.

Wireless Network Security CSIS 5857: Encoding and Encryption.

ClientServer ClientID, E(x, CHK) E(x+1, SHK), E(y, SHK) E(y+1, CHK) E(SK, SHK) Three-way handshake Authentication Protocols CHK, SHK are keys known by.

Integrating A Key Distribution Procedure Into The Digital Signature Standard B. Arazi Electronics Letters Vol. 29, No. 11, Pg May 1993 Adviser:

Network Security Celia Li Computer Science and Engineering York University.

1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

1 Secure Key Exchange: Diffie-Hellman Exchange Dr. Rocky K. C. Chang 19 February, 2002.

1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.

CST 312 Pablo Breuer.  First published public-key algorithm  A number of commercial products employ this key exchange technique  Purpose is to enable.

Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.

@Yuan Xue CS 285 Network Security Key Distribution and Management Yuan Xue Fall 2012.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Source: IEEE Communications Letters, Vol. 8, No. 3, March 2004

B. R. Chandavarkar CSE Dept., NITK Surathkal

Introduction Used for communication to verify

Electronic Payment Security Technologies

Presentation transcript:

Integrating Diffie-Hellman Key Exchange into the Digital Signature Algorithm IEEE Communications Letters, March 2004 Lein Harn, Manish Metha and Wen- Jung Hsin Presented by Jung-Chen Liu Date ： 2004/04/13

Outline Motivation Introduction Secure DH+DSA key exchange protocols Security analysis Contributions

Motivation NIST has published a series of security standards under Federal Information Proceeding Standard (FIPS). But for far, there is no FIPS standard for key agreement between two parties. DH key agreement(1976) did not provide authentication.

Introduction In 1993, Arazi suggested replacing the message in the DSA algorithm with DH exchange key (authentication). In 1994, Nyberg pointed out it cannot resist the known key attack.

Secure DH+DSA key exchange protocols A. One-Round Protocol A. One-Round Protocol ： supports noninteractive applications, such as secure transmission. B. Two-Round Protocol B. Two-Round Protocol ： interactive application, K AB and K BA are the shared secret keys. C. Three-Round Protocol C. Three-Round Protocol ： key confirmation.

One-Round Protocol User A User B Verify DSA signature (r A, s A ) of message m A (m A, s A )

Two-Round Protocol User A User B (m A, s A ) (m B, s B )

Three-Round Protocol User A User B mAmA (m B, s B ) sAsA

Security analysis

Contribution This protocol provide multiple secret keys, one for each direction. This arrangement conforms most standard protocols, ex. SSL IPSec… The shared secret key is included in the signature. Prevent the known key attack and key replay attack. Three-round protocol achieves key confirmation. Prevent unknown key attack.