Network Security: Lab#2 J. H. Wang Oct. 9, 2013. Objectives To learn to use message digests –MD5 To learn to use secure hash functions –SHA-1, SHA-2 To.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Network Security: Lab#2 J. H. Wang Apr. 28, 2011.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Digital Signatures and Hash Functions. Digital Signatures.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Chapter 3 Encryption Algorithms & Systems (Part C)
Electronic mail security -- Pretty Good Privacy.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Feb 19, 2002Mårten Trolin1 Previous lecture Practical things about the course. Example of cryptosystem — substitution cipher. Symmetric vs. asymmetric.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Linux Cryptography overview and How-to’s using OpenSSL
Encryption Methods By: Michael A. Scott
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.
Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:
8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.
Linux Networking and Security Chapter 8 Making Data Secure.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
SECURITY Chapter 7.3 – 7.5 Presentation by Deepthi Reddy.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.
Chapter 21 Public-Key Cryptography and Message Authentication.
1 Securing Data and Communication. 2 Module - Securing Data and Communication ♦ Overview Data and communication over public networks like Internet can.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
Lecture 8 Overview. Secure Hash Algorithm (SHA) SHA SHA SHA – SHA-224, SHA-256, SHA-384, SHA-512 SHA-1 A message composed of b bits.
A Quick Tour of Cryptographic Primitives Anupam Datta CMU Fall A: Foundations of Security and Privacy.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
Intro to Cryptography Lesson Introduction
1 Session 4 Module 6: Digital signatures. Digital Signatures / Session4 / 2 of 18 Module 4, 5 - Review (1)  Java 2 security model provides a consistent.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
CS/COE 1501 Recitation Extended Euclidean Algorithm + Digital Signatures.
Public / Private Key Example Dan Fleck CS 469: Security Engineering Coming up: Today 11.
Public-Key encryption structure First publicly proposed by Diffie and Hellman in 1976First publicly proposed by Diffie and Hellman in 1976 Based on mathematical.
Network Security: Security. Objectives To learn to use security tools –PGP To learn the availability of security libraries –S/MIME.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
ENGR 101 Compression and Encryption. Todays Lecture  Encryption  Symmetric Ciphers  Public Key Cryptography  Hashing.
Fundamentals of Network Security Ravi Mukkamala SCI 101 October 6, 2003.
e-Health Platform End 2 End encryption
NET 311 Information Security
The Secure Sockets Layer (SSL) Protocol
Presentation transcript:

Network Security: Lab#2 J. H. Wang Oct. 9, 2013

Objectives To learn to use message digests –MD5 To learn to use secure hash functions –SHA-1, SHA-2 To learn to use one of the public-key cryptography standards –RSA To learn to use digital signatures

Libraries Used in this Lab OpenSSL: an open source implementation of SSL and TLS protocols –Widely used on various platforms UNIX-like: Linux, Solaris, Mac OS X, BSD Windows –Cryptographic algorithms supported MD5, SHA-1, SHA-2 RSA –(Installation skipped: the same as in Lab#1)

OpenSSL Command-Line Tools OpenSSL command-line tool –MD5: openssl md5 –SHA: (-224, -256, -384, -512) SHA: openssl sha SHA-1: openssl dgst -sha1

OpenSSL Command-Line Tools Alternative commands –MD5: openssl dgst -md5 –SHA: SHA: openssl dgst -sha SHA-1: openssl dgst -sha1

Experiment Scenario - Encryption Prepare a file to be encrypted, say “original.txt” First, we encrypt the file into encrypted file “enc.txt” (using receiver’s public key) Then, we decrypt it and get another file “dec.txt” (using receiver’s private key) Finally, we check if the decrypted file is the same as the original file

Another Scenario – Digital Signature Prepare a file to be signed, say “original.txt” First, we encrypt the file into encrypted file “sig.txt” (using sender’s private key) Then, we decrypt it and get another file “des.txt” (using sender’s public key) Finally, we verify if the decrypted file is the same as the original file

Yet Another Scenario – both Prepare a file to be signed and encrypted, say “original.txt” First, we encrypt the file into encrypted file “sign.txt” (using sender’s private key) Then, we encrypt the file into encrypted file “enc.txt” (using receiver’s public key) Third, we decrypt it and get another file “dec.txt” (using receiver’s private key) Four, we decrypt it and get another file “des.txt” (using sender’s public key) Finally, we verify if the decrypted file is the same as the original file

Limitations of the Tool File size: cannot be larger than 64 bytes –It depends on the key size (default: 512 bits) –We can set a larger key size E.g. for generating private key of 1024 bits: –openssl genrsa -out key.s 1024 –Still a serious limitation

Real Application Scenario For each person, a pair of keys is first generated To send a large file, it can be encrypted in two possible ways –The file must be first divided into pieces and encrypted by RSA –The file can also be encrypted by a session key using AES, in which the session key is encrypted by RSA The decryption process is also followed by a merge of decrypted pieces or by session key

OpenSSL Command-Line Tools OpenSSL command-line tool for RSA –Notation: : secret key : public key –Key management: Private key generation: openssl genrsa -out To output public key: openssl rsa -in -pubout -out –Encryption/decryption: Encrypt with public key: openssl rsautl -encrypt -pubin -inkey -in -out Decrypt with private key: openssl rsautl -decrypt -inkey -in -out

OpenSSL Command-Line Tools Alternative commands for RSA: (using pkeyutl) –Encryption/decryption: Encrypt with public key: openssl pkeyutl -encrypt -pubin -inkey -in -out Decrypt with private key: openssl pkeyutl -decrypt -inkey -in -out

OpenSSL command-line tool for Digital Signature –Notation: : original file : signature file –Digital signature: Sign: openssl rsautl -sign -inkey -in -out Verify: openssl rsautl -verify -pubin -inkey -in –Alternative commands: Sign: openssl pkeyutl -sign -inkey -in -out Verify: openssl pkeyutl -verify -inkey -sigfile -in Recover: openssl pkeyutl -verifyrecover -pubin -inkey - in

OpenSSL Libraries for Message Digests OpenSSL crypto library –MD5: 128-bit #include Initialize a MD5_CTX structure: MD5_Init() MD5_Update() MD5_Final() Computes the message digest: MD5()

OpenSSL Libraries for Secure Hash Functions –SHA1: 160-bit #include Initialize a SHA_CTX structure: SHA1_Init() SHA1_Update() SHA1_Final() Computes the message digest: SHA1() –EVP: high-level interface to cryptographic functions #include EVP_Digest…() functions: message digests

OpenSSL Libraries for Public-Key Cryptography –RSA: #include RSA structure RSA_...() functions –EVP: high-level interface to cryptographic functions #include EVP_Seal…(), EVP_Open…(): public key encryption/decryption EVP_PKEY…() functions: asymmetric algorithms

OpenSSL Libraries for Digital Signature –EVP: high-level interface to cryptographic functions #include EVP_Sign…(), EVP_Verify…(): digital signature

Summary Key generation Encrypting a file (using public-key cryptography) Decrypting a file (using public-key cryptography) Signing a file Verifying a file Generating and verifying message digests

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.