Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted."— Presentation transcript:

1 CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Email Adapted from Kurose & Ross, Computer Networking, Addison-Wesley, 2001.

2 An HTTP Request GET index.html HTTP/1.1 Host: www.kzoo.edu Connection: close User-agent: Mozilla/4.0 Accept-language:en

3 Domain Name Translation  What is www.kzoo.edu’s address???  Look it up! –Use a Domain Name Server –Translates a host name into an IP address

4 Routing  Routers –Internet ‘post offices’  Look at address, and send message ‘in the right direction’  Messages often take several ‘hops’ to get to their destination

5 HTTP Response HTTP/1.1 200 OK Connection: close Date: Mon, 30 Sep 2002 Last-Modified: Mon, 23 Sep 2002 Content-Length: 6821 Content-Type: text/html …data data data …

6 Kinds of Messages  HTTP requests / responses  E-mail  Instant Messages  Telnet sessions  Transactions (shopping, etc.)

7 Privacy  Any machine (router) along the path of the message can read it. –Message more like a postcard than a letter  Is this good??? –Of course not!  What can we do??? –Encrypt the messages

8 Cryptography  Need to figure out a way so the recipient can read the message, but nobody else.  Most common technique today: public key cryptography

9 Public Key Cryptography  Each person has a public key and a private key  The two keys ‘un-do’ each other –More on this in a minute  Public keys are publicly available on Key Servers (anyone can see / get them)

10 Sending a Message  Alice wants to send Bob a message  Alice gets Bob’s public key  Alice uses the key to encrypt her message  Bob gets the message, and uses his private key to decrypt it

11 Basic Idea  For a message encrypted using a given public key, the ONLY way to decrypt it is to use the corresponding private key  So, as long as Bob is the only one with his private key, he’s the only one that can read the message

12 Implementation  We want:  Efficient: –Encrypting with public key –Decrypting with private key  Intractable: –Decrypting without private key

13 RSA Algorithm  One way to do this:  Modular Exponentiation –Modular arithmetic – remainder stuff: 13 = 3 (mod 10) –Modular exponentiation: 4 3 = 64 = 4 (mod 10) This can be done efficiently

14 RSA Algorithm  Now, we need to pick numbers that ‘un-do’ each other’s exponentiation  For a mod of 10, 2 undoes itself: 0 3 = 0 (mod 10)5 3 = 125 = 5 (mod 10) 1 3 = 1 (mod 10)6 3 = 216 = 6 (mod 10) 2 3 = 8 (mod 10)7 3 = 343 = 3 (mod 10) 3 3 = 27 = 7 (mod 10)8 3 = 512 = 2 (mod 10) 4 3 = 64 = 4 (mod 10)9 3 = 729 = 9 (mod 10)

15 RSA Algorithm  So, our public key is {10, 3}  Private key is {2}  Encrypting a message: Let’s send 472 –Exponentiate each digit: 438  Decrypting a message: –Exponentiate again: 472

16 RSA Algorithm  Breaking RSA – know exponent, know modulus – just take the root –E.g. find cube root of 4 (mod 10)  Most public keys have very large numbers – ~150 digits.  Finding these roots is an intractable problem – bigger keys, harder problem!

17 Security and Email  Many products with built-in cryptographic protection  Outlook Express – S/MIME (Secure/Multipurpose Internet Mail Extension) Support  Other add-ons (choices for secret key methods, size of key, etc)  Pretty Good Privacy (PGP)

18

19

20 Encryption and Signatures  Encryption: encodes the message so that other users cannot read it  Signatures: let you emulate written signatures

21

22 To see more about getting a certificate: https://certs.netscape.com/client.html https://certs.netscape.com/client.html

23

24

25

26 Encrypting vs. Signing  Encrypt first, sign second: –Verify signatures before decrypting –Useful in automated verification systems  Sign first, encrypt second: –Decrypt before verifying signatures –Useful when plaintext is essence of the message.

27

28

29

30

31

Download ppt "CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted."

Similar presentations

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.

Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
Digital Signatures. Anononymity and the Internet.

Digital Signatures. Anononymity and the Internet.
PGP Overview 2004/11/30 Information-Center meeting peterkim.

PGP Overview 2004/11/30 Information-Center meeting peterkim.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an e-mail. How do we know who it’s from? E-Mail address Can be spoofed.

CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an . How do we know who it’s from? address Can be spoofed.
Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptography and Internet Security How mathematics makes it safe to shop on-line John Lindsay Orr University of Nebraska - Lincoln.

Cryptography and Internet Security How mathematics makes it safe to shop on-line John Lindsay Orr University of Nebraska - Lincoln.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.

1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues1 Lecture 9: E-commerce & Business r E-Commerce r Security Issues m Secure.

INE1020: Introduction to Internet Engineering 6: Privacy and Security Issues1 Lecture 9: E-commerce & Business r E-Commerce r Security Issues m Secure.

Similar presentations

Ads by Google