Chapter 4 Using Encryption in Cryptographic Protocols & Practices (Part B)

Slides:



Advertisements
Similar presentations
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Advertisements

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
1. INDEX 2 A signature is a handwritten depiction of someone’s name or nickname that a person writes on documents as proof of identity and intent. Signature.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
16.2 Digital Signatures By: John Barton. What is a Digital Signature? The idea comes from the idea of signing a document by its author (authenticating.
Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
CS555Topic 211 Cryptography CS 555 Topic 21: Digital Schemes (1)
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.
Secure Electronic Transaction (SET)
4. Using Encryption Wisely U NIVERSITY THE of ULSA T Sujeet Shenoi Center for Information Security Department of Computer Science University of Tulsa,
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Network Security Lecture 23 Presented by: Dr. Munam Ali Shah.
1 Cryptography NOTES. 2 Secret Key Cryptography Single key used to encrypt and decrypt. Key must be known by both parties. Assuming we live in a hostile.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Chapter 4 Using Encryption in Cryptographic Protocols & Practices.
Csci5233 computer security & integrity 1 Cryptography: an overview.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Digital Signatures, Message Digest and Authentication Week-9.
DIGITAL SIGNATURE.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Bit Commitment, Fair Coin Flips, and One-Way Accumulators Matt Ashoff 11/9/2004 Cryptographic Protocols.
Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.
 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.
Cryptography: an overview
Cryptography: an overview
Basics of Cryptography
Unit 3 Section 6.4: Internet Security
Computer Communication & Networks
Digital Signature.
Pooja programmer,cse department
csci5233 computer security & integrity (Chap. 4)
Cryptography: an overview
Best Digital Signature Service in Noida. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies.
Digital Signatures Reference: Pfleeger , Charles P., Security in Computing, 2nd Edition, Prentice Hall, /7/2019 Ref: Pfleeger96, Ch.4.
Presentation transcript:

Chapter 4 Using Encryption in Cryptographic Protocols & Practices (Part B)

csci5233 computer security & integrity (Chap. 4) 2 Outline

csci5233 computer security & integrity (Chap. 4) 3 Digital Signatures Digital signature: a protocol that produces the same effect as a real signature; that is, it is a mark that only the sender can make, while the other people can easily recognize as authentic. Two primary conditions must be met (Fig. 4-10, p.141) –Unforgeable –Authentic Two additional conditions for transactions using digital signatures: –Not alterable –Not reusable

csci5233 computer security & integrity (Chap. 4) 4 Symmetric key digital signatures The secrecy of the shared key guarantees the authenticity of the message, as well as its secrecy. But –it does not prevent forgery, because either party can create the same message; –thus it does not guarantee non-repudiation. Legal and crypto “non-repudiation”:

csci5233 computer security & integrity (Chap. 4) 5 Traditional Legal Meaning of "Non-Repudiation" There is a definitional distinction between the legal use of the term "non-repudiation" and its crypto- technical use. In the legal sense an alleged signatory to a document is always able to repudiate a signature that has been attributed to him or her. The basis for a repudiation of a traditional signature may include: –The signature is a forgery; –The signature is not a forgery, but was obtained via: Unconscionable conduct by a party to a transaction; Fraud instigated by a third party; Undue influence exerted by a third party.

csci5233 computer security & integrity (Chap. 4) 6 Crypto-Technical Meaning of "Non- Repudiation" In general terms, the term "non-repudiation" crypto- technically means: –In authentication, a service that provides proof of the integrity and origin of data, both in an unforgeable relationship, which can be verified by any third party at any time; or, –In authentication, an authentication that with high assurance can be asserted to be genuine, and that can not subsequently be refuted. “Non-repudiation is a property achieved through cryptographic methods which prevents an individual or entity from denying having performed a particular action related to data (such as mechanisms for non-rejection or authority (origin); for proof of obligation, intent, or commitment; or for proof of ownership).” , the Australian Federal Government's Electronic Commerce Expert Group

csci5233 computer security & integrity (Chap. 4) 7 Symmetric key digital signatures A 3 rd party (arbiter), trusted by either party, is required if a symmetric key encryption is used. Figure 4-11 (p.142): 1.S sends E(M, K S ) to the arbiter. 2.The arbiter decrypt E(M, K S ) to retrieve M. 3.The arbiter sends E( (M, S, E(M, K S ) ), K R ) to R. 4.R decrypt the message to retrieve M, S, E(M, K S ): –M is the message sent from R; –S is a message sent from the arbiter attesting that the message came from R; –How would R deal with E(M, K S ) ?

csci5233 computer security & integrity (Chap. 4) 8 Digital Signatures w/o Encryption Encryption could be time-consuming and may not be necessary in the case of digital signature. Use of a cryptographic sealing function as a signature, which is registered with an arbiter and can be a hash function or a one-way encryption function. Change to the document would void the signature. Steps: 1. S and R both have registered a personal sealing function with the arbiter (A), f S and f R respectively. 2. S sends M and f S (M) to A. 3. A computes its own f S (M). 4. If the two f S (M) match, A sends (M, S, f S (M), f R ((M,S))) to R.

csci5233 computer security & integrity (Chap. 4) 9 Digital Signatures w/o Encryption Disadvantages: 1.It requires an active arbiter on each transaction. 2.The message must be encrypted twice to ensure secrecy. 3.It does not prevent reuse or alteration of an old message.

csci5233 computer security & integrity (Chap. 4) 10 Preventing forgery of digital signatures Forgery: reuse or alteration of a message To prevent reuse: The message must be destroyed or expired after its use. A solution – time stamping To prevent alteration: A solution – time stamp + checksum Example – The time stamp can be encrypted into the message, such that the message cannot be “extracted” without changing the time stamp value. (Fig. 4-12, p.144)

csci5233 computer security & integrity (Chap. 4) 11 Asymmetric key digital signatures A sender encrypts a message using his/her own private key. The recipient uses the sender’s public key to decrypt the message. (Fig. 4-13, p.144) Authenticity and unforgeability are satisfied, but secrecy is not. Double encryption is required to satisfy secrecy: Fig E( D(M,K S ), K R )

csci5233 computer security & integrity (Chap. 4) 12 Key Escrow Key escrow provides a means for data to be adequately secure, but to also allow other legitimate users access on an emergency basis. Clipper: an example of a k of n key escrow protocol, where k = n = 2 K of n: Any k of the n pieces of the key are required to decrypt a message. Review of LEAF field, Clipper family key, unit id, session id: Chapter 3 Figure 4-15 (p.147): Clipper message exchange Software key escrow –Advantages: easy to change, to be integrated or customized –Disadvantage: changeability

csci5233 computer security & integrity (Chap. 4) 13 Mental Poker The ‘double locking’ protocol: Fig (p.149) Symmetric key implementation 1.S encrypts all messages with her own key ( E(M 1, K S ), E(M 2, K S ), …) and sends them to R. 2.R picks some of the messages and encrypts them with his own key ( E(M 1, K S ), E(E(M 2, K S ), K R ), … ), and sends them all back to S. 3.S keeps those messages that R did not select and then sends those selected by R back to R. Q: How can R decrypt the message E(M 2, K S ), which was encrypted under S’s key? –Encryption and decryption must be commutative: p.149

csci5233 computer security & integrity (Chap. 4) 14 Mental Poker Asymmetric key implementation S and R, respectively, encrypts the messages using his/her own public key. An application of ‘mental poker’: key distribution –A protocol is needed to enable a user to obtain a new key, while nobody – not even the central repository – knows what key the user has received. –Fig (p.151)

csci5233 computer security & integrity (Chap. 4) 15 Voting protocols The problem: Transmitting an untraceable but authentic message Examples: anonymous questionnaire, electronic voting, automating private transactions. Voting protocol: Each voter has two public key functions: (E, D) and (R, Q) Each user’s vote is multiply encrypted: R J (R K (R L (E J (E K (E L (vote))) ))) A two-phase protocol: verification phase + signing phase (Fig. 4-19, p.154)

csci5233 computer security & integrity (Chap. 4) 16 Analysis of the Voting protocol Secrecy Each voter can only votes once. Nobody other than the authenticated voters may vote. In phase 2, each voter independently ‘certifies’ the votes. This enables post-vote verification, in case a voter decided to tamper with the votes.

csci5233 computer security & integrity (Chap. 4) 17 Oblivious Transfer The problem: Sending one of two messages, with the restriction that neither the sender nor the receiver will know until later which message was sent Example: remote coin flipping obliv·i·ous: lacking remembrance, memory, or mindful attention Transfer protocol: Fig (p.155) P, the sender, has two pairs of public keys, E i, D i, E j, D j. N, the receiver, has a secret key, K N. This protocol is the basis for the next two protocols.

csci5233 computer security & integrity (Chap. 4) 18 Contract Signing The problem: remote signing contracts by computer Requirements: 1.Point of commitment 2.Unforgeability 3.Indirect signing Indirect contract signing protocol Based on the uncertainty of point of commitment + the oblivious transfer protocol Piecemeal transfer of secrets The protocol: pp

csci5233 computer security & integrity (Chap. 4) 19 Certified Mails The problem: A sender requires the receiver to sign an encrypted message while the receiver would not sign the message unless the message is known to him/her. Also based on the oblivious transfer protocol The protocol: pp

csci5233 computer security & integrity (Chap. 4) 20 Summary Next: Part C

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.