Encryption / Security Victor Norman IS333 / CS332 Spring 2014.

Slides:

Advertisements

Similar presentations

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Chapter 11: Cryptography

魂▪創▪通魂▪創▪通 WebCert - SOP Sangrae Cho Authentication Research Team.

Digital Signatures. Anononymity and the Internet.

Secure Sockets Layer. SSL SSL is a communications protocol layer which can be placed between TCP/IP and HTTP It intercepts web traffic and provides security.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Cryptographic Technologies

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Tony BrettOUCS Course Code ZAB 9 February Security – Encryption and Digital Signatures Tony Brett Oxford University Computing Services February.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Computer Science Public Key Management Lecture 5.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

Chapter 31 Network Security

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.

Secure Electronic Transaction (SET)

Security Keys, Signatures, Encryption. Slides by Jyrki Nummenmaa ‘

Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.

Foundations of Network and Computer Security J J ohn Black CSCI 6268/TLEN 5550, Spring 2015.

Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.

E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.

NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,

Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.

1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.

Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Public Key Infrastructure (PKI) Chien-Chung Shen

Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .

Security & Privacy. Learning Objectives Explain the importance of varying the access allowed to database elements at different times and for different.

Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.

April 20023CSG11 Electronic Commerce Authentication John Wordsworth Department of Computer Science The University of Reading Room.

M2 Encryption techniques Gladys Nzita-Mak. What is encryption? Encryption is the method of having information such as text being converted into a format.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

Secure HTTP (HTTPS) Pat Morin COMP 2405.

Pooja programmer,cse department

Digital Signatures Reference: Pfleeger , Charles P., Security in Computing, 2nd Edition, Prentice Hall, /7/2019 Ref: Pfleeger96, Ch.4.

Unit 8 Network Security.

Electronic Payment Security Technologies

Presentation transcript:

Encryption / Security Victor Norman IS333 / CS332 Spring 2014

Problem Need to be able to do secure transactions across a public network. – The data in the message needs to be encrypted so that no “man-in-the-middle” can intercept it. – Each endpoint needs to be able to authenticate that the other endpoint is who it says it is.

Terminology Plaintext Cyphertext Encryption key Decryption key Asymmetric encryption

Public Key Encryption Each network “entity” generates a pair of keys – a private key and public key. The private key is never shared. The public key is shared. The private key can decrypt a message encrypted with the public key, and vice versa.

PKE and Security Can use public and private keys to get security problem: – sender gets the receiver’s public key. – sender encrypts the message with it, and sends to receiver (as cyphertext). – receiver decrypts with own private key. Anyone can encrypt, but only the receiver can decrypt. – First problem solved.

Digital Signatures Ensure some message is from who they say it is from. Use own private key to encrypt message. – Only your public key can be used to decrypt – So, message must be from you.

Combine them both To ensure privacy and authentication, combine both techniques: 1. encrypt plaintext with sender private key. 2. encrypt result with receiver public key. 3. send message. All problems solved! – Not!

One more problem… Before all this, each endpoint has to get the other endpoint’s public key. What if someone in the middle intercepts the request and sends its public key as if it were the other endpoint’s public key. Need a way to know that an endpoint’s public key really belongs to that endpoint. – Need a CA – Certificate Authority.

Certificate Authority A state-certified repository for network entities’ public keys. – Has its own public key, too. – Its location is built into web browsers Sender sends message to CA encrypted with CA’s public key, asking for other endpoint’s public key. – Only the endpoints can decrypt, so message is secure. – Receiver’s public key is guaranteed to be authentic, if the CA can be trusted.