Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science. Cryptographic Security: Identity-Based Encryption.

Presentation transcript:

Slide 1: Cryptographic Security: Identity-Based Encryption

Slide 2: Cryptography
[Figure: Alice and Bob communicate over an untrusted network with an Intruder; labels: message, encrypt, ciphertext, decrypt]
- Types
  - Symmetric key
  - Asymmetric key
- Attacks
  - Ciphertext only
  - Known plaintext
  - Chosen plaintext

Slide 3: RSA Encryption (Rivest, Shamir, Adleman)
- (e,n) is Alice's public key
- (d,n) is Alice's secret key
[Figure: Bob encrypts M with (e,n) as M^e mod n and sends C over the untrusted network, where the Intruder sees C; Alice decrypts C with (d,n) as C^d mod n to recover M]

Slide 4: RSA Algorithm
1. Choose two large (100 digit) prime numbers, p and q, and set n = p x q
2. Choose any large integer, d, so that: GCD(d, (p-1) x (q-1)) = 1
3. Find e so that: e x d = 1 (modulo (p-1) x (q-1))
Example:
1. p = 5, q = 11 and n = 55. (p-1) x (q-1) = 4 x 10 = 40
2. A valid d is 23 since GCD(40, 23) = 1
3. Then e = 7 since: 23 x 7 = 161 modulo 40 = 1
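The three steps above, run on the slide's toy numbers and checked over every message in [0, n). This is an added example, not part of the original slides; the function names are hypothetical, and it uses raw (unpadded) RSA exactly as the slide describes it.

```python
# Added example (not from the slides): RSA key setup with d chosen first.
from math import gcd

def make_keys(p, q, d):
    """Slide steps 1-3: n = p*q, require GCD(d, (p-1)(q-1)) = 1, derive e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(d, phi) != 1:
        # Step 2 fails: d has no inverse modulo (p-1)(q-1), so no e exists.
        raise ValueError(f"d={d} shares a factor with (p-1)(q-1)={phi}")
    e = pow(d, -1, phi)              # e*d = 1 (mod phi); needs Python 3.8+
    return (e, n), (d, n)            # (public key, secret key)

def encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)              # C = M^e mod n

def decrypt(c, secret_key):
    d, n = secret_key
    return pow(c, d, n)              # M = C^d mod n

def roundtrip_all(public_key, secret_key):
    """True if every message in [0, n) decrypts back to itself."""
    n = public_key[1]
    return all(decrypt(encrypt(m, public_key), secret_key) == m
               for m in range(n))

if __name__ == "__main__":
    public, secret = make_keys(5, 11, 23)    # the slide's p, q and d
    print("public:", public, "secret:", secret)
    c = encrypt(8, public)
    print("8 ->", c, "->", decrypt(c, secret))
    print("all messages round-trip:", roundtrip_all(public, secret))
```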

Slide 5: Public Key Infrastructure (PKI)
- Certification Authority (CA)
  - Trusted (by Bob) entity
  - Authenticates identity of individual (Alice)
  - creates (public key, private key) pair
- Certificate
  - contains an (identity, public key) pair
  - is signed with the private key of the CA
- Repository
  - need not be trusted
  - is read-only to relying parties
  - may be duplicated for performance
- Certificate can be "pushed" to the relying party
[Figure labels: issues; stored in; retrieved; Alice proves identity; Bob (relying party)]

Slide 6: Certificate/Trust Chain
[Figure labels: identity; signed by; presented identity certificate; trusted CA (root CA, trust anchor); identity]

Slide 7: Diffie-Hellman Key Exchange
- How can two parties come to possess a shared secret using only insecure channels of communication?
- Assumes passive eavesdropping only (i.e. susceptible to active (wo)man-in-the-middle attack)
- Relies on prime number groups (more later)
- Same/similar techniques underlie more recent cryptographic methods

Slide 8: Diffie-Hellman Key Exchange
- Some mathematics
  - If p is a prime number, then the numbers 1..p-1 form a group of order p-1 with multiplication modulo p as its operator.
  - A generator, g, is any number 1..p-1 such that for all n in 1..p-1 there is a power k such that n = g^k mod p.
  - Example: 3 is a generator for the group with p=7
  - Notation:
  - Operations:
- Security based on computational infeasibility of solving the discrete logarithm problem (i.e., finding x if y = g^x mod p given y, g, and p).

Slide 9: Key Exchange Protocol
- Public information
  - A prime number, p
  - A generator, g
- Steps
  - Alice chooses a random number a and computes u = g^a mod p and sends u to Bob.
  - Bob chooses a random number b and computes v = g^b mod p and sends v to Alice.
  - Bob computes the key k = u^b mod p = (g^a)^b mod p.
  - Alice computes the key k = v^a mod p = (g^b)^a mod p.
  - (note: both Bob and Alice have k = g^(ab) mod p)
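The generator definition from slide 8 and the exchange steps from slide 9, as an added example that is not part of the original slides. The last function shows why slide 7 limits the protocol to passive eavesdropping: when the exchanged values are not authenticated and are replaced in transit, each party ends up sharing a key with the intermediary instead of with each other. Function names and the second test prime (p=23, g=5) are assumptions chosen for illustration.

```python
# Added example (not from the slides): generator check and key exchange.
import secrets

def is_generator(g, p):
    """True if the powers g^k mod p, k = 1..p-1, cover all of 1..p-1."""
    return {pow(g, k, p) for k in range(1, p)} == set(range(1, p))

def keypair(g, p):
    """Random secret exponent x in 1..p-2 and public value g^x mod p."""
    x = secrets.randbelow(p - 2) + 1
    return x, pow(g, x, p)

def shared_key(received, my_secret, p):
    """k = received^my_secret mod p, as computed by either party."""
    return pow(received, my_secret, p)

def honest_exchange(g, p):
    """Slide 9 steps with nobody altering u or v; returns both parties' k."""
    a, u = keypair(g, p)                 # Alice sends u
    b, v = keypair(g, p)                 # Bob sends v
    return shared_key(v, a, p), shared_key(u, b, p)

def substituted_exchange(g, p):
    """u and v are replaced in transit by an intermediary's value w.

    Returns (Alice's key is known to the intermediary,
             Bob's key is known to the intermediary).
    """
    a, u = keypair(g, p)
    b, v = keypair(g, p)
    m, w = keypair(g, p)                 # intermediary's own pair
    k_alice = shared_key(w, a, p)        # Alice received w, not v
    k_bob = shared_key(w, b, p)          # Bob received w, not u
    return (k_alice == shared_key(u, m, p),
            k_bob == shared_key(v, m, p))

if __name__ == "__main__":
    print("3 generates group mod 7:", is_generator(3, 7))
    print("2 generates group mod 7:", is_generator(2, 7))
    ka, kb = honest_exchange(5, 23)
    print("honest keys match:", ka == kb)
    print("keys exposed after substitution:", substituted_exchange(5, 23))
```

Nothing in the protocol itself lets Alice or Bob detect the substitution, which is why deployed uses of Diffie-Hellman authenticate u and v, for example with signatures backed by the certificates described on the PKI slide.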

Slide 10: Identity-based encryption
- Public-key encryption
  - Identity is conveyed in a certificate from a certificate authority that binds the public key to the identity
  - Certificate must be obtained in advance
  - Certificate authority is trusted to validate claim of identity
- Identity-based encryption
  - Identity itself serves as the public key (e.g,
  - No advance preparation needed
  - Trusted service validates claim of identity
  - Key escrow issue (trusted service can recreate secret key associated with an identity)

Slide 11: Identity-based encryption
[Figure: Alice, Bob and a Private Key Generator; labels: "Encrypted with as public key", "authenticate", "send private key"]

Slide 12: Identity-based Encryption
[Figure: Private Key Generator (PKG), Sender and Receiver; labels: Setup, k, params, master-key, Extract, ID, d_ID, Encrypt, M, C, Decrypt, M]

Slide 13: Bilinear Maps
- Some mathematics
- Fortunately, groups with these properties can be generated algorithmically using a positive integer seed value (security parameter) k.

Slide 14: Identity-based encryption
- BasicIdent algorithm
  - Setup

Slide 15: Identity-based Encryption
- Extract
- Encrypt
- Decrypt

Slide 16: Why does this work?
- Encryption bitwise exclusive-ors M with:
- Decryption bitwise exclusive-ors V with:
- These masks are the same since:

Slide 17: Extensions
[Figure labels: bilinear groups; threshold secret sharing; access tree; ID-based; attribute/fuzzy ID; key/policy-based]