Security CNS 4650 Fall 2004 Rev. 2 SSL, SASL, PKI.


Encryption
- Symmetric
  - Shared-secret
  - Password
  - Most common form of general cryptography
- Asymmetric
  - Public/Private Key

Symmetric
- User supplied password
- Examples: DES, AES, MD5, Crypt
- Cleartext password goes in and comes out as a hash

Symmetric Example: MD5

    % openssl passwd -1 -salt "test" -stdin
    password
    $1$test$28Tmd0tsvqI1Eq.TDxcaq/

- Password: password
- Resulting hash: 28Tmd0tsvqI1Eq.TDxcaq/

Asymmetric
- Public key is derived from Private key
- Data encrypted with Public key can only be decrypted with Private and vice versa
- Examples: RSA, ElGamal

Asymmetric Example: x509 certificate

    % openssl x509 -inform DER -text -in root.der
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number: 0 (0x0)
            Signature Algorithm: md5WithRSAEncryption
            Issuer: C=US, ST=Utah, L=Orem, O=Apple, OU=Edu, CN=dsinema root
            Validity
                Not Before: Jun 14 18:19: GMT
                Not After : Jul 14 18:19: GMT
            Subject: C=US, ST=Utah, L=Orem, O=Apple, OU=Edu, CN=dsinema root
            Subject Public Key Info:
                Public Key Algorithm: rsaEncryption
                RSA Public Key: (1024 bit)
                    Modulus (1024 bit):
                        00:ce:eb:78:66:c8:cf:a2:ab:39:9c:35:2b:3f:2e:
                        4e:bb:c8:cd:e3:3f:c2:67:5e:81:07:d6:ea:1d:75:
                        79:37:8f:e6:d8:92:e5:c2:15:d4:34:10:81:7b:d3:
                        24:18:ae:59:b3:52:8f:27:d9:9b:5b:fd:6d:9a:f1:
                        e9:f5:c9:0d:6c:e4:60:35:ce:07:e4:02:c8:4a:92:
                        0b:bb:1c:d6:4f:f8:88:fa:d1:63:7b:da:49:80:90:
                        b9:a4:19:ee:02:32:0b:c2:ad:45:30:49:2e:b1:1c:
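As an added example (not part of the original slides), this shell function audits the kind of `openssl x509 -text` dump shown above and flags the properties a reviewer would question in it today: the MD5 signature, the 1024-bit RSA key, and an issuer identical to the subject. The names `audit_x509_text` and `sample_dump` and the 2048-bit threshold are assumptions of this example; the sample lines are excerpted from the slide's output.

```shell
#!/bin/sh
# Added example, not from the original slides. audit_x509_text and
# sample_dump are hypothetical helper names.

# Read `openssl x509 -text` output on stdin; print one finding per line.
# Exit status is 1 when anything was flagged, 0 otherwise.
audit_x509_text() {
    awk '
        { gsub(/[ \t\r]+$/, "") }                    # trim trailing blanks
        /Signature Algorithm:/ && sigalg == "" {     # first hit: signed body
            sigalg = $0; sub(/.*Signature Algorithm:[ \t]*/, "", sigalg) }
        /^[ \t]*Issuer:/  { issuer = $0;  sub(/^[ \t]*Issuer:[ \t]*/, "", issuer) }
        /^[ \t]*Subject:/ { subject = $0; sub(/^[ \t]*Subject:[ \t]*/, "", subject) }
        /Public Key Algorithm:/ {
            keyalg = $0; sub(/.*Public Key Algorithm:[ \t]*/, "", keyalg) }
        /Public[- ]Key: \(/ {                        # old and new OpenSSL spellings
            bits = $0; sub(/.*\(/, "", bits); sub(/ bit.*/, "", bits) }
        END {
            n = 0
            # MD2, MD4, MD5 and SHA-1 are deprecated for certificate signatures.
            if (tolower(sigalg) ~ /md2|md4|md5|sha1/) {
                print "WEAK-SIGNATURE " sigalg; n++ }
            # Assumption: 2048 bits is the minimum acceptable RSA modulus.
            if (keyalg == "rsaEncryption" && bits != "" && bits + 0 < 2048) {
                print "SHORT-RSA-KEY " bits; n++ }
            # Issuer equal to subject: no third party vouches for this key.
            if (issuer != "" && issuer == subject) {
                print "SELF-ISSUED " subject; n++ }
            exit (n > 0)
        }'
}

# Lines excerpted from the certificate dump on the slide.
sample_dump() {
    cat <<'EOF'
Certificate:
    Data:
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=US, ST=Utah, L=Orem, O=Apple, OU=Edu, CN=dsinema root
        Subject: C=US, ST=Utah, L=Orem, O=Apple, OU=Edu, CN=dsinema root
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
EOF
}

sample_dump | audit_x509_text || true
```

Against a live certificate the same function takes the command from the slide as its input: `openssl x509 -inform DER -text -in root.der | audit_x509_text`.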

Basics of SSL
- Client sends handshake to the server
- Server replies with a certificate
- Key exchange and negotiation
- Data transfer
- Optionally, Client can be required to provide certificate

SSL

SASL
- Simple Authentication and Security Layer
- RFC 2222
- Pluggable authentication scheme
- Client/Server negotiate auth mechanism
- Can also negotiate a security layer
  - Such as SSL/TLS

SASL cont.
- Defines
  - Kerberos v4
  - GSSAPI (Kerberos 5)
  - S/Key
  - External

PKI
- A worldwide “authentication” model
- SSL/TLS uses PKI
- Trusted third party authenticates the server and issues certificates for the server
- Third party can:
  - Set expiration dates on certificate
  - Revoke certificates
- Certificate Authorities
  - Thawte
  - RSA