Pairing Based Cryptography Standards Terence Spies VP Engineering Voltage Security

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Public Key Infrastructure and Applications
Key Management Nick Feamster CS 6262 Spring 2009.
PAR for P Title: Standard for Pairing based Cryptographic Techniques June 4, 2005 PAR for IEEE P
Public Key Infrastructure Alex Bardas. What is Cryptography ? Cryptography is a mathematical method of protecting information –Cryptography is part of,
Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Encryption Public-Key, Identity-Based, Attribute-Based.
Digital Signatures and Hash Functions. Digital Signatures.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Chapter 5 Network Security Protocols in Practice Part I
RIKE Using Revocable Identities to Support Key Escrow in PKIs Nan Zhang, Jingqiang Lin, Jiwu Jing, Neng Gao State Key Laboratory of Information Security,
An Introduction to Identity-based Cryptography
PKI and Identity-Based Encryption Secure IT Conference 2007 Guido Appenzeller Voltage Security.
Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Cryptography for Backup Navigation
Lect. 11: Public Key Cryptography. 2 Contents 1.Introduction to PKC 2.Hard problems  IFP  DLP 3.Public Key Encryptions  RSA  ElGamal 4.Digital Signatures.
Identity Based Encryption
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Security Management.
1 Introduction to Information Security , Spring 2015 Lecture 7: Applied cryptography: asymmetric Eran Tromer Slides credit: John Mitchell, Stanford.
Identity-Based Encryption Technology Overview Public Key Cryptography Without Certificates Mark J. Schertler.
C HAPTER 13 Asymmetric Key Cryptography Slides adapted from "Foundations of Security: What Every Programmer Needs To Know" by Neil Daswani, Christoph Kern,
ASYMMETRIC CIPHERS.
Computer Science Public Key Management Lecture 5.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Bob can sign a message using a digital signature generation algorithm
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.
An Efficient Identity-based Cryptosystem for
Crypto Bro Rigby. History
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Cryptography, Authentication and Digital Signatures
James Higdon, Sameer Sherwani
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
Chapter 21 Public-Key Cryptography and Message Authentication.
1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.
Software Security Seminar - 1 Chapter 5. Advanced Protocols 조미성 Applied Cryptography.
Cryptography and Network Security (CS435) Part Eight (Key Management)
Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
David Evans CS588: Security and Privacy University of Virginia Computer Science Lecture 14: Public Key Infrastructure.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.
Lecture 2: Introduction to Cryptography
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Key Management Network Systems Security Mort Anvari.
The Pairing Based Cryptography and IBE Standards Effort.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.
Introduction to Elliptic Curve Cryptography CSCI 5857: Encoding and Encryption.
Lecture 14 Public Key Cryptography and RSA. Summary principles of public-key cryptography principles of public-key cryptography RSA algorithm, implementation,
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
What is in a name? Identity-based cryptography. How public-key crypto works When you use public key cryptography, you can publish a value (public key)
Key management issues in PGP
An Introduction to Pairing Based Cryptography
Identity Based Encryption
Boneh-Franklin Identity Based Encryption Scheme
An Introduction to Pairing Based Cryptography
The Secure Sockets Layer (SSL) Protocol
Presentation transcript:

Pairing Based Cryptography Standards Terence Spies VP Engineering Voltage Security

Overview What is a Pairing? Pairing-based Crypto Applications Pairing-based Crypto Standards

What is a Pairing? An old mathematical idea It “pairs” elliptic curve points Has a very interesting property called bilinearity: Pair(aB, cD) = Pair(cB, aD) This property makes for a powerful new cryptographic primitive Popular cryptographic research area (200+ papers)

What can Pairings do? Identity based encryption Encryption where any string (like an address) can be a public key Identity based key exchange Key exchange using identities Short signatures 160-bit signatures Searchable encryption, and others

Identity-Based Encryption (IBE) IBE is an old idea Originally proposed by Adi Shamir, co-inventor of the RSA Algorithm in 1984 Fundamental problem: can any string be used as a public key? Practical implementation: Boneh-Franklin Algorithm published at Crypto 2001 First efficient, provably secure IBE scheme

Identity-Based Encryption (IBE) The ability to use any string makes key management easier IBE Public Key: RSA Public Key: Public exponent=0x10001 Modulus=

How IBE works in practice Alice sends a Message to Bob Key Server Alice encrypts with 1 Requests private key, authenticat es 2 Receives Private Key for 3 Bob decrypts with Private Key 4 m

How IBE works in practice Charlie sends a Message to Bob Charlie encrypts with 1 Bob decrypts with Private Key 2 m Fully off-line - no connection to server required Key Server

How Pairings Lead to IBE Setup Key generator generates secret s, random P Gives everyone P, sP Encryption Alice hashes -> Encrypt message with k = Pair(rID, sP) Send encrypted message and rP Key Generation Bob authenticates, asks for private key Key generator gives back sID Decrypt Bob decrypts with k = Pair(sID, rP) Bob’s k and Alice’s k are identical

IBE’s Operational Characteristics Easy cross-domain encryption No per-user databases No per-user queries to find keys State of the system does not grow per user Key recovery Accomodates content scanning, anti-virus, archiving and other regulatory mechanisms Keys still under control of enterprise Fine-grained key control Easy to change authentication policy over time Revocation handled without CRLs

Sweet Spots for IBE Encryption Inside and outside the organization Sweet Spots for PKI Authentication Signing Inside the organization IBE and PKI - Complementary Strengths PKI Maximum protection Works well for signing/authentication Requires roll-out generate keys for users Certificate managment Identity-Based Encryption Good for encryption no key-lookup revocation is easy Ad-hoc capable requires no pre-enrollment Content scanning easy

Other Pairing Applications Short Signatures BLS scheme and others yield 160-bit signatures Half the size of DSA signatures Have other interesting properties Can aggregate signatures Allows, for example, a single signature on a cert chain Verifiable encrypted signatures Use in fair exchange, other protocols Searchable Encryption Key Exchange

Standards Activities IEEE Study Group formed last Monday, as part of the P1363 Group Goal is writing and submitting a PAR, defining the mission of the standards group 24 participants from various countries and industries Technical content drafts soon Pairings module: Hovav Shacham, Stanford IBE module: Mike Scott, Dublin City University Draft PAR agreed, to be submitted

Standards Philosophy Model after past IEEE cryptographic standards Standardize algorithms, but not protocols e.g. formats for IBE encrypted would be part of a different standard Don’t block future standards based on PBC Allow for amendments that build on parts of this standard Separate IBE and PBC layers Limit scope to keep the task manageable Focus on one set of algorithms, split off other types of algorithms into separate standards

Proposed Structure of an PBC/IBE Standard Pairing Based Crypto Layer and Algorithm Layers Identity-Based Encryption Pairing Based Cryptography e.g. pairing, algorithms to compute pairings, curve types, curve parameters IBE based Protocols e.g. IBE , key request etc. Identity based key exchange Signatures 1363 Other stds

Current Discussion Points Scaling Security to 128/256 bits Separation between pairing layer and crypto methods Curve families for embedded and hardware implementation

For More Information On 1363 activities: On pairing based crypto Paulo Barreto’s Pairing Based Crypto Lounge On IBE

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.