Public Key Cryptography July 2011. Topics: Symmetric and Asymmetric Cryptography; Public Key Cryptography; Digital Signatures; Digital Certificates.


1 Public Key Cryptography July 2011

2 Topics
- Symmetric and Asymmetric Cryptography
- Public Key Cryptography
- Digital Signatures
- Digital Certificates

3 The briefcase example with shared key

4 Private-Key Cryptography
- Traditional private/secret cryptography uses one key
- Shared by both sender and receiver
- If this key is disclosed, communications are compromised
- Symmetric: both parties use the same key
- Does not protect the sender from the receiver forging a message and claiming it was sent by the sender

5 Symmetric Key Cryptography
[Diagram]
- Plain-text input: “The quick brown fox jumps over the lazy dog”
- Encryption
- Cipher-text: “AxCv;5bmEseTfid3)fGsmW e#4^,sdgfMwir3:dkJeTsY8R \s@!q3%”
- Decryption
- Plain-text output: “The quick brown fox jumps over the lazy dog”
- Same key (shared secret) for encryption and decryption

6 Symmetric Pros and Cons
- Strength:
  - Simple and really very fast (on the order of 1000 to 10000 times faster than asymmetric mechanisms)
  - Super-fast (and somewhat more secure) if done in hardware (3DES, Rijndael)
- Weakness:
  - Must agree on the key beforehand
  - Must securely pass the key to the other party

7 Key Distribution Problem
- In symmetric key cryptosystems:
  - Over a complete graph with n nodes, C(n,2) = n(n-1)/2 pairwise secret keys are required.
  - Example: n=100, 99 x 50 = 4,950 keys are required
- Problem: managing a large number of keys and keeping them secure is difficult
[Diagram: complete graph on nodes a, b, c, d, e] Secret keys are required between (a,b), (a,c), (a,d), (a,e), (b,c), (b,d), (b,e), (c,d), (c,e), (d,e)

8 The briefcase example with unshared key
The briefcase has to be sent back and forth three times, which seems pretty inefficient.

9 Desirable properties
Use the briefcase example to come up with a specification of the properties that are desirable for any cipher system that is to be used between two entities who do not already share a symmetric key.

10 Topics
- Symmetric and Asymmetric Cryptography
- Public Key Cryptography
- Digital Signatures
- Digital Certificates

11 Public-Key Cryptography
- Probably the most significant advance in the history of cryptography
- Uses two keys: a public and a private key
- One for encryption and another one for decryption
- Knowledge of the encryption key doesn’t give knowledge of the decryption key
- Asymmetric, since the parties are not equal
- Uses number-theoretic concepts to function
- Complements rather than replaces private-key crypto

12 Analogy

13 Public-Key Cryptography issues
- Developed to address two key issues:
  - key distribution: how to have secure communications in general without having to trust a KDC with your key
  - digital signatures: how to verify a message comes intact from the claimed sender

14 The Two Keys
- Each party has two keys
[Diagram]
- Alice: Alice’s private key, Alice’s public key
- Bob: Bob’s private key, Bob’s public key
- Charlie: Charlie’s private key, Charlie’s public key

15 Main uses of Each Key
- A public key
  - Public to anybody
  - Used to encrypt messages and verify signatures
- A private key
  - Known only to the owner
  - Used to decrypt messages and sign (create) signatures

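16 How do 2 different keys work?
- Just a very simple example:
  - Public Key = 4, Private Key = 1/4, message M = 5
- Encryption:
  - Ciphertext C = M * Public Key
  - 5 * 4 = 20
- Decryption:
  - Plaintext M = C * Private Key
  - 20 * ¼ = 5
- Illustration only: here the private key is trivially computed from the public key, which a real public-key scheme must prevent (knowledge of the encryption key must not give knowledge of the decryption key).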

17 An Example: Internet Commerce
- Bob wants to use his credit card to buy some brownies from Alice over the Internet.
- Alice sends her public key to Bob.
- Bob uses this key to encrypt his credit-card number and sends the encrypted number to Alice.
- Alice uses her private key to decrypt this message (and get Bob’s credit-card number).

18 Public Key Encryption
[Diagram]
- Clear-text input: “The quick brown fox jumps over the lazy dog”
- Encryption with the recipient’s public key
- Cipher-text: “Py75c%bn&*)9|fDe^bDFa q#xzjFr@g5=&nmdFg$5knv Md’rkvegMs”
- Decryption with the recipient’s private key
- Clear-text output: “The quick brown fox jumps over the lazy dog”
- Different keys for encryption and decryption

19 Hybrid Encryption Systems
- All known public key encryption algorithms are much slower than the fastest secret-key algorithms.
- In a hybrid system, Alice uses Bob’s public key to send him a secret shared session key.
- Alice and Bob use the session key to exchange information.

20 Topics
- Symmetric and Asymmetric Cryptography
- Public Key Cryptography
- Digital Signatures
- Digital Certificates

21 A Digital Signature
- Digital data that carries the intent of a signature related to a digital document
- Used to demonstrate the authenticity of a digital message or document
- A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit

22 Sender: Creating a Digital Signature
[Diagram]
- Message or file: “This is the document created by Charlotte”
- Generate Hash (SHA, MD5): calculate a short message digest from even a long input using a one-way message digest function (hash)
- Message Digest: Py75c%bn (typically 128 bits)
- Asymmetric Encryption (RSA) of the digest with Charlotte’s private key
- Digital Signature: 3kJfgf*£$&
- Signed Document: “This is the document created by Charlotte” together with the signature 3kJfgf*£$&

23 Receiver: Verifying a Digital Signature
[Diagram]
- Signed Document: “This is the document created by Charlotte” together with the signature 3kJfgf*£$&
- Generate Hash over the document, giving the Message Digest Py75c%bn
- Asymmetric Decryption (RSA) of the Digital Signature with Charlotte's public key (from certificate), giving Py75c%bn
- Equal??

24 Topics
- Symmetric and Asymmetric Cryptography
- Public Key Cryptography
- Digital Signatures
- Digital Certificates

25 What is a Certificate?
- The simplest certificate just contains:
  - A public key
  - Information about the entity that is being certified to own that public key (can be a person or a computer or a device)
- … and the whole is
  - Digitally signed by someone trusted (like your friend or a CA)
[Diagram: Certificate containing a public key, the statement “This public key belongs to Charlotte”, and a Digital Signature]

26 X.509 Certificate
[Diagram: Certificate Info fields with callouts]
- Serial Number
- X.500 Subject: who is the owner, CN=Charlotte,O=CERN,C=CH
- Public Key: the public key or info about it
- X.500 issuer: who is signing, O=CERN,C=CH
- Expiration date: see later why expiration date is important
- Extensions: additional arbitrary information
- CA Digital Signature: … of the issuer, of course

27 Elements of Digital Cert.
- A Digital ID typically contains the following information:
  - Your public key, your name and email address
  - Expiration date of the public key, name of the CA who issued your Digital ID

28 Certificate Validation
- Essentially, this is just checking the digital signature
- But you may have to “walk the path” of all subordinate authorities until you reach the root
- Unless you explicitly trust a subordinate CA
[Diagram: certificate chain]
- Certificate: “This public key belongs to Charlotte”. Issued by: CERN. CERN Digital Signature.
- Certificate: “This public key belongs to CERN”. Issued by: BigRoot. BigRoot Digital Signature.
- Certificate: “This public key belongs to BigRoot”. Issued by: BigRoot. BigRoot Digital Signature. “In BigRoot We Trust” (installed root CA certificate)
- Check labels in the diagram: “Check DS of CERN”, “Check DS of Foobar”
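The hash-then-sign flow of slides 22-23 and the path walk of slide 28, as an added example that is not part of the original slides. It assumes constructed toy RSA keys built from Mersenne primes with no padding (not secure), SHA-256 in place of the slides' SHA/MD5, and a dict standing in for an X.509 certificate; `toy_key`, `tbs`, `issue` and `validate` are hypothetical names, and expiry and revocation checks are left out.

```python
import hashlib

def toy_key(a, b, e=65537):
    # Constructed toy RSA key from Mersenne primes 2**a-1 and 2**b-1: NOT secure.
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(data):
    # One-way message digest of arbitrary-length input, as an integer.
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(priv, data):
    # Sender: hash the message, then apply the private key to the digest.
    return pow(digest(data), priv["d"], priv["n"])

def verify(pub, data, sig):
    # Receiver: recover the digest with the public key and compare ("Equal??").
    return pow(sig, pub["e"], pub["n"]) == digest(data)

def tbs(cert):
    # Bytes covered by the issuer's signature: subject, issuer and public key.
    return "|".join(str(cert[k]) for k in ("subject", "issuer", "n", "e")).encode()

def issue(subject, subject_key, issuer, issuer_key):
    # The issuer binds the subject's name to the subject's public key.
    cert = {"subject": subject, "issuer": issuer, "n": subject_key["n"], "e": subject_key["e"]}
    cert["sig"] = sign(issuer_key, tbs(cert))
    return cert

def validate(leaf, intermediates, trusted, max_depth=8):
    # Walk leaf -> issuer -> ... until a signature checks against a trusted certificate.
    cert = leaf
    for _ in range(max_depth):
        anchor = trusted.get(cert["issuer"])
        if anchor is not None:
            return verify(anchor, tbs(cert), cert["sig"])
        parent = intermediates.get(cert["issuer"])
        if parent is None or not verify(parent, tbs(cert), cert["sig"]):
            return False
        cert = parent
    return False  # chain too long or looping without reaching a trust anchor

# Constructed sample chain mirroring the slide: Charlotte <- CERN <- BigRoot.
root_key, cern_key, charlotte_key = toy_key(521, 607), toy_key(607, 1279), toy_key(521, 1279)
ROOTS = {"BigRoot": issue("BigRoot", root_key, "BigRoot", root_key)}  # installed root
CERN = issue("CERN", cern_key, "BigRoot", root_key)
CHARLOTTE = issue("Charlotte", charlotte_key, "CERN", cern_key)
```

Passing `{"CERN": CERN}` as `trusted` models the slide's "unless you explicitly trust a subordinate CA" case: the walk stops at CERN without needing BigRoot.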

29 Q&A

