Secure Messenger Protocol using AES (Rijndael) Sang won, Lee 2001807

Slides:

Advertisements

Similar presentations

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

Advertisements

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Computer Science Public Key Management Lecture 5.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.

Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.

Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.

E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.

SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.

Software Security Seminar - 1 Chapter 5. Advanced Protocols 조미성 Applied Cryptography.

Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.

Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.

Security in Skype Prepared by Prithula Dhungel. Security in Skype2 The Skype Service P2P based VoIP software Founded by the founders of Kazaa Can be downloaded.

Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.

1 The Elements of Cryptography Chapter 7 Copyright 2003 Prentice-Hall.

Database Security Tampere University of Technology, Introduction to Databases. Oleg Esin.

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

Elliptic Curve Cryptography

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Implementing Secure IRC App with Elgamal By Hyungki Choi ID : Date :

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

M2 Encryption techniques Gladys Nzita-Mak. What is encryption? Encryption is the method of having information such as text being converted into a format.

Biometric Encryption Base RSA Algorithm Supervisor: Ass. Prof. Dr. Dang Tran Khanh Student: Dung Ngo Dinh.

Encryption and Security Tools for IA Management Nick Hornick COSC 481 Spring 2007.

Whatsapp Security Ahmad Hijazi Systèmes de Télécommunications & Réseaux Informatiques (STRI) 20 April 2016.

1 Example security systems n Kerberos n Secure shell.

Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.

e-Health Platform End 2 End encryption

The Secure Sockets Layer (SSL) Protocol

Key Distribution Reference: Pfleeger, Charles P., Security in Computing, 2nd Edition, Prentice Hall, /18/2019 Ref: Pfleeger96, Ch.4.

Electronic Payment Security Technologies

Presentation transcript:

Secure Messenger Protocol using AES (Rijndael) Sang won, Lee

2 Contents Introduction Security Consideration AES (Rijndael) SIM Protocol System model Conclusion

3 Introduction Instant Messenger How does it work? Through server routing Direct communication Combination Security of Instant messenger Messenger with security module is rare. Security of instant messenger is important. Because using messenger is spread to business market.

4 Security Consideration Privacy User’s information should be kept safely. Confidentiality All message are encrypted before sending. Authentication Only authentication user can use SIM service Integrity Message sent by user should not be modified or forged by other. Efficiency SIM use hybrid cryptosystem. Asymmetric cryptosystem is used in key agreement and digital signature. Symmetric cryptosystem is used in message encryption and decryption.

5 AES (Rijndael) SIM use Rijndael for encryption and decryption of message. 4x4 byte array Input whiteningByteSubShiftRowMixColumnAddRoundKey ByteSubShiftRowAddRoundKey Nr-1 rounds Final round

6 SIM Protocol User Registration User know {n, g} User generates RSA public key and private key. User sends public key with user information. Server receives and saves this information. Server responses to client if registration is ok or not. If server’s response is ok, User saves one’s key pair. If fail, retry. {n, g} ClientServer Generate PK, SK {PK, Info} Check Info Save {PK, Info} R If Ok, Save If Fail, Retry

7 SIM Protocol User Login User loads one’s key pair. User know {n, g} 1. User computes RSA Dec{ID} Sk. 2. User sends ID and decryption result. 3. Server verify ClientServer Load Key pair {PK,SK} H = H(ID) Y = Dec{H} SK ID, Y R Verify H(ID) = Enc{Y} PK {n, g}

8 SIM Protocol Key Agreement 1. User generates random integer x. 2. User computes g x. 3. User request friends list to server. 4. Server confirms whether user’s friends is online or not and sends friends list with online conformation information. 5. User receives one’s friends list. 6. If friend is online. User sends g x to friend. User receives g y. User computes session key g xy. User saves session key with ID. Request ClientServer Compute g x Friends List gygy S = g xy Generate Random x Confirm Friends List gxgx Client Diffie-Hellman Key agreement S = g xy

9 SIM Protocol Message Send & Receive Message can be encrypted or decrypted with shared session key by Rijndael

10 System model Client Messenger Encrypted Message Diffie-Hellman Key Agreement Key Client Friend List Messenger Server Storage Login Session Key Session Key Encryption Decryption

11 Conclusion Multiparty key agreement should be supported. Two party key agreement does not support something like chatting. Database should be used for key management. Key management using Database is important for security. Key size should be longer than 128bit. The size of RSA for signature is 128bit in SIM. That is short. Exchange with off-line user should be considered SIM only can exchange message with on-line user.