Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapt. 10 – Key Management Dr. Wayne Summers

Published byΕὐριπίδης Αποστολίδης Modified over 5 years ago

Similar presentations

Presentation on theme: "Chapt. 10 – Key Management Dr. Wayne Summers"— Presentation transcript:

1 Chapt. 10 – Key Management Dr. Wayne Summers
Department of Computer Science Columbus State University

2 10.1 Session and Interchange Keys
Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and the generation, maintenance, and revoking of such keys Solves problem of propagating authentication Interchange key – cryptographic key associated with a principal to a communication Session key - cryptographic key associated with the communication

3 10.2 Key Exchange Goal is two allow two parties to communicate secretly using a shared cryptographic key Key cannot be transmitted in the clear (must be encipher when sent or derived without an exchange of data used to derive the key) Sender and receiver may decide to trust a third party Cryptosystems and protocols are publicly known. The only secret data is the keys involved.

4 10.4 Cryptographic Key Infrastructures
Certificate- token that binds an identity to a cryptographic key X.509: Directory Authentication Framework – defines certificate formats and certification validation (see Bishop pg. 257 for details) Certification authority (CA) – entity that issues certificates PGP (Pretty Good Privacy) – enchipherment program widely used to provide privacy for electronic mail (see Bishop pg. 259 for details)

5 10.5 Storing and Revoking Keys
If stored in a file, easy to compromise, even if enchiphered Store on one or more smart cards (ROM) Key escrow system – system where a third party can recover a cryptographic key Should not depend on encipherment algorithm Privacy protections must work throughout, including the user interface Requirements (legal/business) must map to the key exchange protocol All parties must authenticate themselves System must ensure that keys are valid while message is observable

6 10.6 Digital Signatures Digital signatures – authenticates both the origin and content of a message Uses public key cryptography Provides nonrepudiation RSA Digital Signature (some problems) El Gamal Digital Signature (similar to Diffie- Hellman)

Download ppt "Chapt. 10 – Key Management Dr. Wayne Summers"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.

Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Computer Security Key Management

Computer Security Key Management
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)

CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Cryptographic Technologies

Cryptographic Technologies
1 Digital Signatures CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 12, 2004.

1 Digital Signatures CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 12, 2004.
Chapter 9: Key Management

Chapter 9: Key Management
Slide #9-1 Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures.

Slide #9-1 Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.

Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.
Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.

Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Similar presentations

Ads by Google