Csci5233 Computer Security
GS: Chapter 5 Asymmetric Encryption in Java

Presentation transcript:

csci5233 Computer Security
GS: Chapter 5 Asymmetric Encryption in Java

Topics
A. Ciphers, modes and padding
B. Asymmetric encryption in Java
C. Session key encryption
D. File encryption/decryption using RSA
E. Key agreement

Ciphers, Modes and Padding
- The ECB (Electronic Code Book) mode encrypts the plaintext a block at a time.
- Asymmetric ciphers are almost always used in ECB mode. Why?
- The block size is usually almost equal to the size of the key. Example: 1024-bit RSA ~= data block of 117 bytes

Ciphers, Modes and Padding
- When the size of the data is less than the size of the block, padding is needed.
- RSA uses two forms of padding:
  - PKCS#1: the standard form of padding in RSA; insecure when used for encrypting plaintext with obvious patterns in it (like English text)
  - OAEP (Optimal Asymmetric Encryption Padding): an improvement on PKCS#1.

Asymmetric encryption in Java
- The steps for using asymmetric encryption in Java are similar to those for symmetric encryption:
  1. Create a key;
  2. Create and initialize a cipher using the key;
  3. Use the cipher to encrypt or decrypt, by specifying the appropriate mode.
- The main difference is that an asymmetric cipher requires a key pair: a public and a private key.

Major Java Classes for Key Pairs
1. java.security.KeyPair
   public final class KeyPair extends Object implements Serializable
2. java.security.PublicKey
   public interface PublicKey extends Key
   This interface contains no methods or constants. It merely serves to group (and provide type safety for) all public key interfaces.
   Note: The specialized public key interfaces extend this interface. See, for example, the DSAPublicKey interface in java.security.interfaces.

Major Java Classes for Key Pairs (continued)
3. java.security.PrivateKey
   Similar to the PublicKey interface, except that it is for the private key.
4. java.security.KeyPairGenerator
   public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
   - The KeyPairGenerator class is used to generate pairs of public and private keys.
   - Key pair generators are constructed using the getInstance factory methods.

Session key encryption
- Oddly enough, the greatest value in using asymmetric encryption is in encrypting symmetric keys. Why? (discussed earlier in Chapter 2)
- Exercise: Explain how session key encryption works.
- SimpleRSAExample.java

File encrypt/decrypt using RSA
- Steps:
  1) Use an AES session key to encrypt the file. (Note: Each file is encrypted by a different session key.)
  2) Use RSA to encrypt the session key.
  3) Store the encrypted session key inside the file.
- Source code: FileEncryptorRSA.java

File encrypt/decrypt using RSA
- FileEncryptor is started with one of three options:
  -c: create key pair and write it to 2 files
  -e: encrypt a file, given as an argument
  -d: decrypt a file, given as an argument

File encrypt/decrypt using RSA
- Format of the encrypted file

File encrypt/decrypt using RSA
- The decryption steps

Key agreement
- javax.crypto Class KeyAgreement
  This class provides the functionality of a key agreement (or key exchange) protocol.
  For each of the correspondents in the key exchange, doPhase needs to be called. For example, if this key exchange is with one other party, doPhase needs to be called once, with the lastPhase flag set to true.

Key agreement
Key doPhase(Key key, boolean lastPhase)
Executes the next phase of this key agreement with the given key that was received from one of the other parties involved in this key agreement.

Key agreement
- If this key exchange is with two other parties, doPhase needs to be called twice, the first time setting the lastPhase flag to false, and the second time setting it to true. There may be any number of parties involved in a key exchange.
- With the doPhase method, Diffie-Hellman allows any number of public keys to be added to perform a key agreement.

Key agreement
- Once all the keys have been passed in with doPhase(), a call to generateSecret() will perform the actual key agreement and return a byte array that is the shared secret.
  byte[] generateSecret()
    Generates the shared secret and returns it in a new buffer.
  int generateSecret(byte[] sharedSecret, int offset)
    Generates the shared secret, and places it into the buffer sharedSecret, beginning at offset inclusive.
  SecretKey generateSecret(String algorithm)
    Creates the shared secret and returns it as a SecretKey object of the specified algorithm.
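
Added example (not the course's KeyAgreementClient/KeyAgreementServer code): three-party Diffie-Hellman with KeyAgreement, where each party calls doPhase twice, first with lastPhase set to false and then to true, before generateSecret(). The class name ThreePartyDH, the 2048-bit group and the SHA-256 step that turns the secret into an AES key are choices made for this example.

```java
import java.security.*;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;

public class ThreePartyDH {   // hypothetical class name
    // A null group means "create a new 2048-bit group"; otherwise reuse the given one.
    static KeyPair keyPair(DHParameterSpec group) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
        if (group == null) kpg.initialize(2048); else kpg.initialize(group);
        return kpg.generateKeyPair();
    }

    static KeyAgreement start(KeyPair kp) throws GeneralSecurityException {
        KeyAgreement ka = KeyAgreement.getInstance("DH");
        ka.init(kp.getPrivate());
        return ka;
    }

    // Returns the secrets computed independently by Alice, Bob and Carol.
    static byte[][] agree() throws GeneralSecurityException {
        KeyPair alice = keyPair(null);
        DHParameterSpec group = ((DHPublicKey) alice.getPublic()).getParams();
        KeyPair bob = keyPair(group), carol = keyPair(group);   // all parties share one group
        KeyAgreement a = start(alice), b = start(bob), c = start(carol);

        // Phase 1, lastPhase = false: doPhase returns an intermediate key to pass on.
        Key ac = a.doPhase(carol.getPublic(), false);
        Key ba = b.doPhase(alice.getPublic(), false);
        Key cb = c.doPhase(bob.getPublic(), false);

        // Phase 2, lastPhase = true: each party folds in the intermediate it received.
        a.doPhase(cb, true);
        b.doPhase(ac, true);
        c.doPhase(ba, true);
        return new byte[][] { a.generateSecret(), b.generateSecret(), c.generateSecret() };
    }

    public static void main(String[] args) throws Exception {
        byte[][] s = agree();
        System.out.println("secrets match: " + (Arrays.equals(s[0], s[1]) && Arrays.equals(s[1], s[2])));
        // Hash the raw secret before using it as a key (example choice: first 16 bytes of SHA-256).
        byte[] aesKey = Arrays.copyOf(MessageDigest.getInstance("SHA-256").digest(s[0]), 16);
        System.out.println("AES key bytes: " + aesKey.length);
    }
}
```

The exchange by itself does not authenticate anyone: each public value still has to be tied to its sender, for example with the digital signatures and certificates covered in the next chapter.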


Key agreement for a Chat Application
- The sample application
- KeyAgreementClient.java
- KeyAgreementServer.java

Next
- Message digest, Digital signatures & Certificates (GS: 6)