Digital Signatures and Digital Certificates Monil Adhikari.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Copyright © 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Web 101 Third Edition by Wendy G. Lehnert & Richard L. Kopec Modified by.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Cryptographic Technologies
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Computer Science Public Key Management Lecture 5.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
CSCI 6962: Server-side Design and Programming
Chapter 31 Network Security
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Public Key Cryptography July Topics  Symmetric and Asymmetric Cryptography  Public Key Cryptography  Digital Signatures  Digital Certificates.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Secure Electronic Transaction (SET)
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
Security Keys, Signatures, Encryption. Slides by Jyrki Nummenmaa ‘
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Types of Electronic Infection
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
X.509 Topics PGP S/MIME Kerberos. Directory Authentication Framework X.509 is part of the ISO X.500 directory standard. used by S/MIME, SSL, IPSec, and.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
Security fundamentals Topic 5 Using a Public Key Infrastructure.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Private key
Key Management Network Systems Security Mort Anvari.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Security  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Digital Signature, Digital Certificate – Securing E-Transactions Dr. Hussein Al-Bahadili.
Key management issues in PGP
Computer Communication & Networks
12. Encryption on the Internet
NET 311 Information Security
Pooja programmer,cse department
Unit 8 Network Security.
Electronic Payment Security Technologies
PGP CSC 492 Presentation May 2, 2007 Brandon Skari Ruby Matejcik.
Presentation transcript:

Digital Signatures and Digital Certificates Monil Adhikari

2 Digital Signature Digital signature can be used in all electronic communications Web, , e-commerce It is an electronic stamp or seal that append to the document. Ensure the document being unchanged during transmission.

3 How digital Signature works? User A User B Use A ’ s private key to sign the document Transmit via the Internet User B received the document with signature attached Verify the signature by A ’ s public key stored at the directory

4 Digital Signature Generation and Verification Message SenderMessage Receiver Message Hash function Digest Encryption Signature Hash function Digest Decryption Expected Digest Private Key Public Key

All copyrights reserved by C.C. Cheung Digital Signature Reference

6 Key Management Private key are password-protected. If someone want your private key: They need the file contains the key They need the passphrase for that key If you have never written down your passphrase or told anyone Very hard to crack Brute-force attack won ’ t work

7 Digital Certificates Digital Certificate is a data with digital signature from one trusted Certification Authority (CA). This data contains: Who owns this certificate Who signed this certificate The expired date User name & address

8 Digital Certificate Reference

All copyrights reserved by C.C. Cheung Elements of Digital Cert. A Digital ID typically contains the following information: Your public key, Your name and address Expiration date of the public key, Name of the CA who issued your Digital ID

10 Certification Authority (CA) A trusted agent who certifies public keys for general use (Corporation or Bank). User has to decide which CAs can be trusted. The model for key certification based on friends and friends of friends is called “ Web of Trust ”. The public key is passing from friend to friend. Works well in small or high connected worlds. What if you receive a public key from someone you don ’ t know?

11 CA model (Trust model) Root Certificate CA Certificate Browser Cert. CA Certificate Server Cert.

12 Web of Trust model Bob A B Alice D C

13 Public Key Infrastructure (PKI) PKI is a system that uses public-key encryption and digital certificates to achieve secure Internet services. There are 4 major parts in PKI. Certification Authority (CA) A directory Service Services, Banks, Web servers Business Users

All copyrights reserved by C.C. Cheung Digital 21. gov.hk ReferenceReference: An official homepage which provides lot of PKI, e-commerce information

15 4 key services Authentication – Digital Certificate To identify a user who claim who he/she is, in order to access the resource. Non-repudiation – Digital Signature To make the user becomes unable to deny that he/she has sent the message, signed the document or participated in a transaction. Confidentiality - Encryption To make the transaction secure, no one else is able to read/retrieve the ongoing transaction unless the communicating parties. Integrity - Encryption To ensure the information has not been tampered during transmission.

All copyrights reserved by C.C. Cheung Certificate Signers

All copyrights reserved by C.C. Cheung Certificate Enrollment and Distribution

18 Secure Web Communication Server authentication is necessary for a web client to identify the web site it is communicating with. To use SSL, a special type of digital certificate – “ Server certificate ” is used. Get a server certificate from a CA. E.g. Install a server certificate at the Web server. Enable SSL on the Web site. Client authentication – Client certificatesClient certificates

19 Strong and Weak Encryption Strong encryption Encryption methods that cannot be cracked by brute-force (in a reasonable period of time). The world fastest computer needs thousands of years to compute a key. Weak encryption A code that can be broken in a practical time frame. 56-bit encryption was cracked in bit will be cracked in bit will be cracked in 2107.

20 Pretty Good Privacy (PGP) Release in June 1991 by Philip Zimmerman (PRZ) PGP is a hybrid cryptosystem that allows user to encrypt and decrypt. Use session key “ a random generated number from the mouse movement or keystrokes ” Demo & TutorialTutorial

21 PGP Public Key Philip R Zimmermann's Public Keys Current DSS/Diffie-Hellman Key: Key fingerprint: 055F C78F C4F 37AF C B2D7 795E -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP mQGiBDpU6CcRBADCT/tGpBu0EHpjd3G11QtkTWYnihZDBdenjYV2EvotgRZAj5h4ewprq1u/zqzGBYpiYL/9j+5XDFcoWF24bzsUmHXsbDSiv+XEyQND1GUdx4wVcEY5rNjkArX06XuZzObvXFXOvqRj 6LskePtw3xLf5uj8jPN0Nf6YKnhfGIHRWQCg/0UAr3hMK6zcA/egvWRGsm9dJecD/18XWekzt5JJeK3febJO/3Mwe43O6VNOxmMpGWOYTrhivyOb/ZLgLedqX+MeXHGdGroARZ+kxYq/a9y5jNcivD+Ey N+IiNDPD64rl00FNZksx7dijD89PbIULDCtUpps2J0gk5inR+yzinf+jDyFnn5UEHI2rPFLUbXWHJXJcp0UBACBkzDdesPjEVXZdTRTLk0sfiWEdcBM/5GpNswMlK4A7A6iqJoSNJ4pO5Qq6PYOwDFqGir19 WEfoTyHW0kxipnVbvq4q2vAhSIKOqNEJGxg4DTEKecf3xCdJ0kW8dVSogHDH/c+Q4+RFQq/31aev3HDy20YayxAE94BWIsKkhaMyokAYQQfEQIAIQUCOlTwWwIHABcMgBE/xzIEHSPp6mbdtQCcnb wh33TcYQAKCRDHRjY5std5Xle4AKCh1dqtFxD/BiZMqdP1eZYG8AZgTACfU7VX8NpIaGmdyzVdrSDUo49AJae0IlBoaWxpcCBSLiBaaW1tZXJtYW5uIDxwcnpAbWl0LmVkdT6JAFUEEBECABUFAjpU 6CcFCwkIBwMCGQEFGwMAAAAACgkQx0Y2ObLXeV5WUQCfWWfTDHzSezrDawgN2Z4Qb7dHKooAoJyVnm61utdRsdLr2e6QnV5Z0yjjiQBGBBARAgAGBQI6VOkSAAoJEGPLaR3669X8JPcAnim4 +Hc0oteQZrNUeuMSuirNVUr7AKC1WXJI7gwMq0Agz07hQs++POJBMokARgQQEQIABgUCOlcobQAKCRDXjLzlZqdLMVBtAKDa5VPcb6NVH6tVeEDJUv+tBjp6oACeLoNtfbs2rvJkgKDHWEIDmJdgy 2GJAD8DBRA6WP4Y8CBzV/QUlSsRAkmdAKC3TfkSSeh+poPFnMfW+/Y/+AAEEpGSUYAAQEAAAEAAQAA/9sAQwAKBwcIBwYKCAgICwoKCw4YEA4NDQ4dFRYRGCMfJSQiHyIhJis3LyYpNCkhIj BBMTQ5Oz4+PiUuRElDPEg3PT47///EALUQAAIBAwMCBAMFB ………………………………………………………………….. QQEAAABfQECAwAEEQUSITFBBhNRYQcicRQygZk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/j5+v/EAB8BAAMBAQEBAQEBAQEAAAAAAAA BAgMEBQYHCAkKC//EALURAAIBAgQEAwQHBQQEAAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGxwQkjM1LwFWJy0QoWJDThJfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFl aY2RlZmdoaWpzdHV2d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQACEQMRAD8A9mooooAKKKKACsj W/Eum6FGTdS7pcfLEv3j/AIfjWV428XHQrf7HY4e/lHXIxEvqfevH7y8lupXmmuJppWOZJC+AD9aly7GkIX1Z3OpfE3Up3K2EUVumcdN7fy/pWLL4415wPM1GWPJyNpK/0Fc5btG/Pktkfx7yTVhYAGLsAx bryf5c5rNvzNlG3Q6yz8ZaxEyudQkcZ+7JtYH867PRfG9nfIsd7/o8p/iI+U/4V5EI/IGV+XUGfnHy9iUsiGSa6q6Jew1XpTDJvAAICDACNUV4K2PS6h574Z3NaBsIQe5jkVO48MSohjC6s29CjPhlU79cQIYW mBpuNfwroZ6zltyz6Y2Fm65V0IfvVicR7zvFFCOhahMuk1cr+Qp936OMEq9sLZGxTjClgwrHGS7YpMSZrEC7bpOmERjo4F/n5YmCHJCH8QzCOc9+80gjVEsHiJVABrC8yykjKL5x1V/PSArE4QtMLbkBP GmQYOw8bx6jCHoO43QjUzbqRfBMHZqWVJyoIIZCp+n13XM4+NO/cDVsZ8bjch0LIOyMrT85n24yfXRlP0s7BFjLm59Jjhf4djuJWikJawWETlypAy86OYRRuwCbIyNauBeTKy+avZvF2oLvpwH4UnudpC 06/O0jkj2lQpn9EEUw11RwO6sq9zYTwAUyKerN00cbCfyiZl01CIo0btcTO6hQK3c67PaloJ9lVH8/mH7LuqkMLDH5ugkpzmed/8SorfqVkakne6b4mRySFCBXaVZoKmDHzcH2oSSMhM9exyh6dzi1bGu6J AEwEGBECAAwFAjpU6CcFGwwAAAAACgkQx0Y2ObLXeV7lbQCg+N+fI3bzqF9+fB50J5sFHVHM7hYAn0+9AfDl5ncnr4D7 ReMDlYoIZwRR =Bgy END PGP PUBLIC KEY BLOCK-----

22 PGP encryption Reference

23 PGP decryption Reference

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.