CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an e-mail. How do we know who it’s from? E-Mail address Can be spoofed.

Presentation transcript:

1 CSCI 530L Public Key Infrastructure

2 Who are we talking to?
- Problem: We receive an e-mail. How do we know who it’s from?
- E-Mail address
  - Can be spoofed easily
- E-Mail Header
  - Most of it can be spoofed, but not all of it
  - Pain to go through all the information
- Call the person, and ask them if they sent it
  - If you received the e-mail at 3:00 PM PDT, and the guy is in India, it’s 3:00 AM there.

3 Solution
- We should have a way of verifying, in the e-mail, who it is really from
- Digital Signature
  - Uniquely verifies that a sender has sent the document, similar to a real signature
  - Takes a hash of the message – digest
  - Encrypts the digest using the private key
  - Anyone who reads the e-mail can see the signature, decrypt it using the public key, and if the digest matches the message, then this user sent the message
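Added example (not part of the original slides): the hash, sign and verify steps from slide 3 carried out with textbook RSA in Python. The key pairs are built from well-known Mersenne primes and no padding is used, both assumptions made so it runs on the standard library alone; real signatures use secret random primes and a padded scheme.

```python
import hashlib

# Constructed toy key pair: two well-known Mersenne primes, so anyone can
# factor N. For illustration only; real keys use secret random primes.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                  # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)

def digest(message: bytes) -> int:
    """Slide step 1: take a hash of the message (SHA-256 here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Slide step 2: 'encrypt' the digest with the private key."""
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Slide step 3: 'decrypt' with the public key, compare digests."""
    if not 0 <= signature < n:       # reject values outside the modulus
        return False
    return pow(signature, e, n) == digest(message)

def demo() -> tuple:
    mail = b"From: alice@example.org\n\nLab report attached."  # constructed
    sig = sign(mail)
    tampered = mail.replace(b"Lab report", b"Invoice")
    # A second constructed key pair: a signature made with it must not
    # verify under the first public key, even for the identical message.
    p2, q2 = 2**89 - 1, 2**607 - 1
    other_sig = sign(mail, pow(E, -1, (p2 - 1) * (q2 - 1)), p2 * q2)
    return verify(mail, sig), verify(tampered, sig), verify(mail, other_sig)

if __name__ == "__main__":
    genuine, altered, wrong_key = demo()
    print("genuine mail verifies:       ", genuine)    # True
    print("altered body verifies:       ", altered)    # False
    print("other key's signature passes:", wrong_key)  # False
```

The check only proves that the holder of the matching private key signed the message; whether that key belongs to the claimed sender is the separate problem the next slide raises.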

4 Another problem
- How do you know who owns this public key?
  - It’s just floating around on the web!!!
- If you know that person, you could ask him to come over to you and read off his public key ID
- If you know person “A” who has verified that this public key belongs to person “B”, and you know and trust person “A”, then by association, you can trust the public key of person “B”
  - “Web of Trust”
  - This is the idea behind PGP

5 PGP – Pretty Good Privacy
- Today, the standard is OpenPGP
- Uses the concept of a public key cryptosystem in which one key is public and one key is private.
  - Uses the private key for encryption and digital signatures
- Publish the public key to a Keyserver
  - Example: pgp.mit.edu
  - Can view and obtain other people’s public keys from the keyserver
- If you know that the key does belong to that particular person, you can sign the key, stating “I trust that person”
- If your friend trusts you, then he will sign your key, and see who else signed your key and whose key you have signed, creating this web of trust

6 Drawbacks to PGP
- You have to rely upon your trust of someone else to verify
- No real central authority
- If Harry decides to turn rogue, then everyone who trusted Harry or who is trusted by Harry will start to not trust people, breaking the web of trust

7 Lab Assignment
- We are going to use the implementation called GnuPG, or Gnu Privacy Guard, along with the Mozilla Thunderbird Extension “Enigmail”
- You will have to create a PGP key, and upload your public key to the pgp.mit.edu keyserver
- You will have to sign my public key that is posted
  - I have many posted, but I specify which one I want you to sign
- You will have to send me a digitally signed e-mail to demonstrate that everything is set up.

8 Lab Assignment Continued
- We want you to do this on your home or primary machine, so there will be no formal lab sessions this week
- This lab is due by 9/15/06 3:30 PM PDT for everyone
- There are questions that must be answered. E-mail these TO YOUR LAB ASSISTANT ONLY, but send the signed e-mail to joseph.greenfield@usc.edu

