569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Encrypted E-mail Web Application Presented by:

Slides:

Advertisements

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Advertisements

Off-the-Record Communication, or, Why Not To Use PGP

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Principles of Information Security, 2nd edition1 Cryptography.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Wired Equivalent Privacy (WEP)

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Cryptographic Technologies

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Exchange server Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

Lecture 19 Page 1 CS 111 Online Security for Operating Systems: Cryptography, Authentication, and Protecting OS Resources CS 111 On-Line MS Program Operating.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Public Key Cryptography July Topics  Symmetric and Asymmetric Cryptography  Public Key Cryptography  Digital Signatures  Digital Certificates.

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

Enhancing Security with S/MIME Chuck Connell,

Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.

Linux Networking and Security Chapter 8 Making Data Secure.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.

每时每刻可信安全 1The DES algorithm is an example of what type of cryptography? A Secret Key B Two-key C Asymmetric Key D Public Key A.

GROUP 11 Dhita Puspita Larasati Topan Firmansyah Dimas Kurnia Ayatullah Galih Purwanti Rahma Aprilia Handayani

Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Cryptography, Authentication and Digital Signatures

Public-Key Cryptography CS110 Fall Conventional Encryption.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security PART VII.

Dr. Susan Al Naqshbandi The word “Cryptography” is derived from Greek words κρυπτός kryptós meaning “hidden” and γράφω gráfo meaning.

Professional Encryption Software FINECRYPT 8.1. Contents Introduction Introduction Features Features Installation Installation Tests Tests Results Results.

23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

Public / Private Keys was a big year… DES: Adopted as an encryption standard by the US government. It was an open standard. The NSA calls it “One.

Upper OSI Layers Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University.

Overview of Cryptography & Its Applications

Authentication. Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0: Alice says “I am Alice” Failure scenario?? “I am Alice”

Chapter 3 – Public Key Cryptography and RSA (A). Private-Key Cryptography traditional private/secret/single-key cryptography uses one key shared by both.

Lecture 23 Symmetric Encryption

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Security PART VII.

Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.

Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

Invitation to Computer Science 5 th Edition Chapter 8 Information Security.

EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

INCS 741: Cryptography Overview and Basic Concepts.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

Introduction to security goals and usage of cryptographic algorithms

10/7/2019 Created by Omeed Mustafa 1 st Semester M.Sc (Computer Science department) Cyber-Security.

Presentation transcript:

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Encrypted Web Application Presented by: Aqila Dissanayake & Tarik EL-amsy

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Motivations When you send an , do you realize that it can easily be read: –By anyone who works for your Internet Service Provider –By anyone who works for the recipient's internet service provider –By anyone who operates any of the perhaps dozens of Internet routers that your data packets will pass through –By anyone with physical access to the telephone switching equipment in the phone company's office

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application

Services Used neuroFuzz Cryptographic Web Service rvice/cryptoSOAP.php?wsdlhttp:// rvice/cryptoSOAP.php?wsdl Send Service

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application neuroFuzz Crypto Service This is a cryptographic web service that allows a user encrypt/decrypt a text using a key. The encryption algorithm implemented is the block-cipher AES Rijndael with a 256-bit block size and 32-bit key size. In June 2003, the US Government announced that AES (Advanced Encryption Standard) may be used for classified information: “The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths”. This marks the first time that the public has had access to a cipher approved by NSA for TOP SECRET information. The service is provided free of charge.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Symmetric key AES algorithm uses a symmetric key; which means it utilizes the same key to encrypt and decrypt a message. In other words both the sender and the receiver should utilize the same key to encrypt and decrypt a message.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Send This is a web service that lets a user send an to any address from any address. It uses the SMTP (Simple Mail Transfer Protocol) Abysal-WebDTP server for this purpose. This service is executed on one of the Abysal Systems webDTP application servers, through a simple C language program. This program uses the denoted Abysal-SOAP API (Application Programming Interface).

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application New Application Generated The new application constructed is a web application that lets a user send an encrypted message to a user. The receiving user can use the web application to decrypt the message using the symmetric key. The application provides a user friendly interface which even a novice to the concept of cryptography can use The only thing the user needs to be aware of is that the receiving user needs to utilize the same key to decrypt the message.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Integrating the services The user would write down his in normal text. Then, the user would choose to encrypt the text. A key needs to be used for encryption. The program provides the user with the option of automatically generating a key or entering his or her own key.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Integrating the services It is assumed the user exchanges the key data with the communicating party with some non-Internet based method (snail-mail, sneaker net, POTS (plain old telephone service)) Utilizing this key, the user needs to send the text to the Neurofuzz web service to be encrypted. The Neurofuzz crypto service will return the encrypted text to the program Then the user will fill out all the required info such as the receivers address and the senders address and send the .

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Integrating the services At this step to send the the Send web service will be called and the encrypted text will be sent to this service. This web service will send the on behalf of the user. Once the receiver receives the , to read it he or she needs to decrypt the message, for this the same key that was used to encrypt the message should be used. Once the ciphertext is sent to the Neurofuzz crypto service along with the correct key, it will be decrypted and the plaintext message will be returned to the user. The user can read the message after this step is completed.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Limitations of the application The application is only capable of sending one at a time. In a way it makes sense, because if more than two users utilize the same key it can be considered as a security risk. Still, if one needs to send a message to two addresses of the same user (at the same instance), the application won’t achieve the task. The limitation is inherited from the Send web service. The service limits the number of target addresses to one.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Difficulties Difficulty in locating web services was one of the major problems in this project. The Neurofuzz crypto service was the only web service that was found to contain any encryption/decryption technique. Even though there are many encryption standards available today there weren’t any other cryptographic web services available. When it came to finding an web service, it seemed as though there were a fair number of services. Most of them were not working because of the WSDL file being unavailable or they required authentication.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Difficulties (cont’) It was difficult to find a web service to integrate with the cryptographic web service. One of cryptography's primary purposes is hiding the meaning of messages, but not usually their existence. In other words cryptography is about communicating in the presence of adversaries. For this purpose we had to find a web service that involves communication. There were many choices such as SMS (Short Message Service) which is widely available for mobile devices, IM (Instant messaging) and . Encryption service can be implemented on top of any of those services, but for it to be practical we chose as our other web service.

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application This application is available at This application is available athttp:// /Crypt / .aspx

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application References Hans Delfs and Helmut Knebl, Introduction to Cryptography, Principles and Applications Why you should use Encryption Advanced Encryption Standard Send Web Service B3B0-339C-0D3F-71D033ACB0CC neuroFuzz Crypt Service KTCZhhSW_wX(2MgVnSRM)?key=uuid:D6E52F11-C2B7-58DD- 699B-36646ABD7F28