Presentation is loading. Please wait.

Presentation is loading. Please wait.

COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●

Published byEric Terry Modified over 8 years ago

Similar presentations

Presentation on theme: "COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●"— Presentation transcript:

1 COMP 424 Computer Security Lecture 09 & 10

2 Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ● Characteristics of a good protocol – Established in advance – All parties agree on it – Easy to understand – Complete: covers all that needs to be covered. – Secure: Does not permit actions that should not be allowed.

3 Key Management Protocols ● Key Exchange ● Done with or without a neutral third party ● Key distribution – Uses a centralized key distributor (Veri$ign) ● Key Escrow – Trusted agency holds copies of keys

4 Diffie-Hellman ● (does not require a third party 1) A and B exchange two numbers p and g. 2)Each chooses a 512-bit number, s1 and s2, and keeps it secret 3)Each raises g to its secret number mod p. (g s1 mod p) 4)They exchange these values and raise them to their secret numbers (g s1 mod p) s2. 5)They now have the same secret key with only one exchange.

5 Bucket brigade attack ● In intruder X can cause problems – A sends g KA mod p to B, but it is intercepted by X who sends g KX mod p to B. – B sends g KB mod p to A, but it is intercepted by X who sends g KX mod p to A. – X now shares a secret key with both A and B who are unaware of X – X now intercepts messages between A and B before passing them on (or not, or modifying them...)

6 Authentication with Digital Signatures ● A and B can use digital signatures to expose X. – A produces a hash, or fingerprint, of the message and encrypts it with A's private key. – B decrypts it with A's public key and can recompute the same hash on the message. – If it decrypts and has the same hash then ● It must have been written by A ● It could not have been changed since being written.

7 Properties of digital signatures ● Properties of Digital Signatures – Unforgeable – Authentic – Can't be modified once sent – Not reusable – Prevent repudiation

8 Key Distribution Protocols ● Key Distribution Center ● “Session” keys or long-term secret keys ● Session keys are for one session use only. ● Can use secret key (DH) or public key (RSA) protocols ● Can use authentication ● Kerberos

9 Key Escrow ● Encryption keys are escrowed to trustworthy agencies ● Requirements for a key escrow protocol – Encrypting source must be identified – The key is not identified – Key retrievable under k of n protocol

10 Clipper Encryption Protocol ● Strong public backlash – Loss of privacy from potential government intrusion – Unreleased algorithm – For Clipper k = n = 2 – Skipjack algorithm uses an 80-bit key so is considered safe for at least 36 years.

11 Elections ● Necessary to have untraceable (anonymous), but ligitimate communications ● Requirement for elections systems – Only authorized users – Each user can only vote once – Votes are private and secret ● Protocol uses public key encryption system

Download ppt "COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●"

Similar presentations

The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.

Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Digital Signatures and applications Math 7290CryptographySu07.

Digital Signatures and applications Math 7290CryptographySu07.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Homework #4 Solutions Brian A. LaMacchia Portions © 2002-2006, Brian A. LaMacchia. This material is provided without.

Homework #4 Solutions Brian A. LaMacchia Portions © , Brian A. LaMacchia. This material is provided without.
UCB Security Jean Walrand EECS. UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management.

UCB Security Jean Walrand EECS. UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Similar presentations

Ads by Google