Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 4 Using Encryption in Cryptographic Protocols & Practices.

Published byDerek Harper Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 4 Using Encryption in Cryptographic Protocols & Practices."— Presentation transcript:

1 Chapter 4 Using Encryption in Cryptographic Protocols & Practices

2 csci5233 computer security & integrity (Chap. 4) 2 Outline Protocols Use of protocols on “real” tasks –Distribution of keys, Certificates, Digital signatures, Key escrow, Mental poker, Electronic voting, oblivious transfer, contract signing, certified mail Criteria of good encryption practices Other security-enhancing methods –Block chaining, one-way encryption, cryptographic sealing, time stamps Other modes of using DES

3 csci5233 computer security & integrity (Chap. 4) 3 Using Encryption Just using encryption does not guarantee secrecy, privacy, or authenticity; it is the correct use of encryption that brings about these results. Cryptographic protocols: the appropriate ways to use encryption Encryption is the foundation of cryptographic protocols. A cryptographic protocol makes use of encryptions to solve a real-world problem.

4 csci5233 computer security & integrity (Chap. 4) 4 Cryptographic Protocols A protocol is an orderly sequence of steps two or more parties take to accomplish some task. Keywords: order, steps, task Characteristics of a protocol: –Established in advance –Mutually subscribed –Unambiguous –Complete Q: Is there anything missing in the above definition?

5 csci5233 computer security & integrity (Chap. 4) 5 Advantages of Protocols A protocol defines a high-level process of accomplishing a task. Its correctness can be verified at a high level. A protocol separates design of a solution from implementation of the solution. The implementation can be done in one of many ways. The underlying implementation of a protocol can be changed without affecting the design.

6 csci5233 computer security & integrity (Chap. 4) 6 Types of Protocols: Arbitrated protocols Fig. 4-1 (p.130): Arbitrated, adjudicated, and self- enforcing protocols Arbitrated protocols –An arbiter is a disinterested third party trusted to complete a transaction between two distrusting parties. –Example: Sale of a car between strangers –Another example: Credit card transaction –In a computer protocol, an arbiter is a trustworthy third party who ensures fairness. An arbiter is usually a program or a machine which forwards a message from one user to another in a computer network. –An arbiter participates in each transaction. Disadvantages –Hard to find an arbiter; cost of maintaining an arbiter; communication delay; network bottleneck; secrecy

7 csci5233 computer security & integrity (Chap. 4) 7 Types of Protocols: Adjudicated protocols An adjudicator is a third party who can judge whether a transaction was performed fairly, in case of a dispute. Example: a notary public, who attests the authenticity of a signed document An adjudicated protocol allows an adjudicator to examine transaction data to decide whether two disputing parties acted fairly. Advantages: less costly (compared to arbitrated protocols) Disadvantage: after-the-fact analysis, no prevention

8 csci5233 computer security & integrity (Chap. 4) 8 Types of Protocols: Self-enforcing protocols A self-enforcing protocol guarantees fairness of a transaction, without the presence of a third party. During the transaction, either party’s attempt to cheat becomes immediately obvious to the other party. Advantages: no such cost as those associated with arbitrated or adjudicated protocols Disadvantages: There is not a self-enforcing protocol for every situation.

9 csci5233 computer security & integrity (Chap. 4) 9 Using protocols to solve problems: Key distribution The problem: Changing keys frequently to ensure good cryptographic practice The appropriate frequency of key exchange is not simple to decide. Sample protocols for key distribution: –Symmetric key exchange w/o server –Symmetric key exchange with server –Asymmetric key exchange w/o server –Asymmetric key exchange with server

10 csci5233 computer security & integrity (Chap. 4) 10 Key distribution: (1) Symmetric key exchange w/o server Two users share a master key, K. A new key, K new is sent as E(K new, K) from one user to the other. Disadvantage: Every two users must share a key that is unique to them.  n (n-1) / 2 keys, for n users. Alternative solution: Use a key distribution center (next approach)

11 csci5233 computer security & integrity (Chap. 4) 11 Key distribution: (2) Symmetric key exchange with server Instead of having every two users share a master key, a key distribution center (KDC) shares a unique key with every user. Before user A can talk to user B, user A must get a fresh session key K AB from KDC. See Figure 4-2 (p.132) Q: How would Renee know that Pablo really got the key from the KDC?

12 csci5233 computer security & integrity (Chap. 4) 12 Key distribution: (2) Symmetric key exchange with server Q: How would Renee know that Pablo really got the key from the KDC? Given: K R - the key shared between Renee and the KDC K P - the key shared between Pablo and the KDC 1. Pablo sends (P, R, I P ) to the KDC 2. KDC sends K PR to Pablo, using the message E(I P, R, K PR, E((K PR,P), K R ), K P ). 3. Pablo sends to Renee E((K PR,P), K R ). Pros and Cons ?

13 csci5233 computer security & integrity (Chap. 4) 13 Key distribution: Asymmetric key exchange without server Rationale: (a) no need for individual keys; (b) no central repository of keys Given: Pablo’s public key, E P, and private key, D P. Renee’s public key, E R, and private key, D R. Q: Why doesn’t Pablo simply send the message M to Renee as E R (M)? Symmetric encryption incurs less overhead than public key encryption. The issue: Use public key encryption to exchange a symmetric key for encrypting further communications. Figure 4-3 (p.133): Pablo sends E R (D P (K)) to Renee.

14 csci5233 computer security & integrity (Chap. 4) 14 Key distribution: Asymmetric key exchange with server Allows users to request each other’s public keys from a server See Fig. 4-4 (p.134) Steps: 1.Pablo sends (P, R) to the KDC. 2.KDC sends D D (E R, R) to Pablo. 3.Pablo sends E R (P, I P ) to Renee. 4.Renee sends (R, P) to the KDC. 5.KDC sends D D (E P, P) to Renee. 6.Renee sends E P (I P, I R ) to Pablo. 7.Pablo sends E R (M, I R ) to Renee. M is a message, and is typically a symmetric key for both parties to further communicate (approach 3).

15 csci5233 computer security & integrity (Chap. 4) 15 Digital Certificates Question: In public key distribution discussed above, how can the KDC be sure that the registration of a public key for user U, (E U, U) is authentic? The solution: Certificates Ways for two people to establish trust without having met The “vouch for” concept: “Someone I trust trusts this person.” An example: Passing keys in an organization (bottom-up) Figure 4-5, 4-6 (p.137) The challenge: To obtain a binding of a public key, E U, with a reliable identity, U

16 csci5233 computer security & integrity (Chap. 4) 16 Digital Certificates A top-down approach of passing down authenticated identities  a chain of authenticators A certificate = (a user’s identity, the user’s public key) Each user has a certificate. Q: How is a user’s certificate created? Fig 4-8: Diana’s certificate = D Edward (Diana’s name & public key, a hash value generated by Edward based on Diana’s information) Delwyn’s certificate = D Diana (Delwyn’s name & public key, a hash value generated by Diana based on Delwyn’s information) + Diana’s certificate

17 csci5233 computer security & integrity (Chap. 4) 17 Digital Certificates Chain of certificates: Fig. 4-9 Question: Can certificates be created when there is no single person at the top, such as in e-commerce? p.139: An approach proposed by the Internet Society IS signs certificates for Policy Certifying Authorities; PCAs sign certificates for other agencies and individuals.

18 csci5233 computer security & integrity (Chap. 4) 18 Summary Next: Part B

Download ppt "Chapter 4 Using Encryption in Cryptographic Protocols & Practices."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
CSE331: Introduction to Networks and Security Lecture 22 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 22 Fall 2002.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptographic Technologies

Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Similar presentations

Ads by Google