Practice and Experience in the Application of Cryptography
Bao Feng, Cryptography and Security Department


Applications of Crypto in Daily Life
1. Internet – wifi, SSL, VoIP, VPN
2. Handphone – A5/1, COMP128, KASUMI
3. PayTV – conditional access control (CAS)
4. RFID, NFC – remote controller, card
- Symmetric key cryptosystems take the majority
- PKC only for Internet

Public Key Cryptosystems
- Digital signature
- Digital cash
- Fair exchange
- PIR
- E-voting and e-auction
- Searchable encryption
- Private matching
- Privacy-preserving data mining

Digital Signature
- The topic generating most research papers
- A revolution in the history of authentication
- Currently applied mainly in certificates
- Many proposed application scenarios, but not really applied
- Accepted in legislation, but not accepted by ordinary people
- Has become a subset of e-signature

Digital Cash
- Simulating physical cash
- Untraceability
- Double-spending detection
- Unsuccessful in business
- Critical vulnerability: does not prevent double-spending

Fair Exchange
- Fair exchange without TTP, or with offline TTP
- No research interest with TTP
- TTP is needed in the real world
- In front of people without crypto knowledge, a real-world TTP overwhelms discrete log and factorization
- Real-world security has a different model from crypto's

Private Information Retrieval
- Similar to OT, but aiming at minimizing communication
- Two types of PIR
- Performance cost traded for privacy
- Difficult to find a business model
- No high demand from ordinary users, while for special users crypto may not be the only way

E-voting and E-auction
- Public key crypto protocols
- Challenge: fulfill numerous requirements: anonymity, authentication, verifiability, untraceability, etc.
- Too complicated for a layman to understand
- E-voting will prevail, but may not be PKC

Searchable Encryption
- Both PKC and SKC
- Database outsourcing
- Server can search ciphertext
- Performance suffers a lot at server side
- What application? Sensitive data outsourcing?

Private Matching
- Problem definition
- Ideal situation
- Current solutions asymmetric
- Most solutions from database community and many earlier ones not secure

Summary of Downside
- Performance – business can't tolerate scalability shrinking, e.g., credit card
- Business model – distributed model hard to manage commercially. Who runs the service?
- Layman's perception – perceived security more important for business
- Low-end security vs high-end security – a dilemma
- National security excludes public research in some areas

Our Experience and Observations
- SKC demanded more than PKC (for business model, 1-to-n more than n-to-n)
- Key management (shortage of SKC shrinking with rapid growth of hardware, even for n-to-n)
- Standard vs non-standard
- Fulfill various requirements (lock builder)
- Practical solutions more demanded than the solutions of high research value, e.g., brute force
- Embedded in other applications
- Jump beyond cryptographer's mindset

Promising Areas
- Smart energy grid
- Sensor network and RFID
- Cloud computing
- Content security (IPTV, pay-TV)
- Handphone security
- Ciphers for niche areas

Thank you! Q & A