Presentation is loading. Please wait.

Presentation is loading. Please wait.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Published byChelsey Waldman Modified over 9 years ago

Similar presentations

Presentation on theme: "Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing."— Presentation transcript:

1 Topic 7: Using cryptography in mobile computing

2 Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing the art of secret communication, comes from Greek meaning “secret writing.” Cryptography has growth in tandem with technology and its importance has also similarly grown. Just as in its early days, good cryptographic prowess still wins wars. A cryptographic system consists of four essential components: –Plaintext – the original message to be sent. –Cryptographic system (cryptosystem) or a cipher – consisting of mathematical encryption and decryption algorithms. –Ciphertext – the result of applying an encryption algorithm to the original message before it is sent to the recipient. –Key – a string of bits used by the two mathematical algorithms in encrypting and decrypting processes. –Key-based encryption algorithm can either be symmetric, also commonly known as conventional encryption, or asymmetric, also known as public key encryption.

3 Symmetric Encryption – Symmetric encryption or secret key encryption uses a common key and the same cryptographic algorithm to scramble and unscramble the message – The transmitted final ciphertext stream is usually a chained combination of blocks of the plaintext, the secret key, and the ciphertext. – The security of the transmitted data depends on the assumption that eavesdroppers and cryptanalysts with no knowledge of the key are unable to read the message

4 Public Key Encryption – Public key encryption, commonly known asymmetric encryption, uses two different keys, a public key known by all and a private key known by only the sender and the receiver. – Both the sender and the receiver own a pair of keys, one public and the other a closely guarded private one. To encrypt a message from sender A to receiver B, as shown in figure 10.4, both A and B must create their own pairs of keys. Then A and B publicize their public keys – anybody can acquire them. When A is to send a message M to B, A uses B’s public key to encrypt M. On receipt of M, B then uses his or her private key to decrypt the message M. As long as only B, the recipient, has access to the private key, then A, the sender, is assured that only B, the recipient, can decrypt the message. – This ensures data confidentiality. – Data integrity is also ensured because for data to be modified by an attacker it requires the attacker to have B’s, the recipient’s private key. Data confidentiality and integrity in public key encryption is also guaranteed.

5 Hash functions – A hash function is a mathematical function that takes an input message M of a given length and creates a unique fixed length output code. The code, usually a 128-bit or 160-bit stream, is commonly referred to as a hash or a message digest. – A one-way hash function, a variant of the hash function, is used to create a signature or fingerprint of the message – just like a human fingerprint. – On input of a message, the hash function compresses the bits of a message to a fixed-size hash value in a way that distributes the possible messages evenly among the possible hash values. – Different messages always hash to different message digests

6 Digital Signatures A digital signature is an encrypted message digest, by the private key of the sender, appended to a document to analogously authenticate it, just like the handwritten signature appended on a written document authenticates it. Digital signatures are formed using a combination of public key encryption and one-way secure hash function according to the following steps: – The sender of the message uses the message digest function to produce a message authentication code (MAC). – This MAC is then encrypted using the private key and the public key encryption algorithm. This encrypted MAC is attached to the message as the digital signature

7 Protecting stored data Cryptography plays a vital role in safegurading both stored data and data in communication – Cryptography, due to use of keys, has function codes and digital signitures is widely used and is becoming more and more acknowledged as one of the best ways to secure data and applications both stores at rest and in motion between devices.

8 Secure key generation and management of mobile devices More and more people are now using a mobile device with either personal or work related data. A growing number of employers are increasingly using unmanaged, personal devices to access sensitive enterprise resources and then connecting these devices to third party services outside of the enterprise security controls. This potentially expose the enterprise sensitive data to possible attackers. There are several security protocols and best practices that can come in handy to situations including: – Mobile Device Encryption – Mobile Remote Wiping – Mobile Passcode Policy

9 Mobile phone authentication Mobile authentication is driven by a number of factors including: – Simplicity of authentication experience – device-anywhere access – enterprises byod policies – Device public commons access – increased security and compliance demands. Mainstream mobile device authentication methods include: – short message service (SMS) OTP, – device-generated OTP – out-of-band (OOB) – growing number of device manufacturers’ specific authication methods.

Download ppt "Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
Chapter 11: Cryptography

Chapter 11: Cryptography
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)

Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott

Similar presentations

Ads by Google