Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptography and PKI February 12, 2001 February 12, 2001 ABN AMRO.

Published byDwayne Richards Modified over 8 years ago

Similar presentations

Presentation on theme: "Cryptography and PKI February 12, 2001 February 12, 2001 ABN AMRO."— Presentation transcript:

1 Cryptography and PKI February 12, 2001 February 12, 2001 ABN AMRO

2 Agenda  Cryptography Today  PKI Algorithms  PKC Considerations  Strengths and Limitations

3 Cryptography Today - accountability, - fairness, - accuracy, and confidentiality. - accountability, - fairness, - accuracy, and confidentiality.

4 Cryptography Today Primary Prevention From Conception to Installation

5 Cryptography Today Possibility Acceptability

6 Cryptography Today THREAT MODEL What the system is designed to protect For whom How long What the system is designed to protect For whom How long

7 System Design number theory, complexity theory, Information theory, probability theory, abstract algebra, and formal analysis, among others. number theory, complexity theory, Information theory, probability theory, abstract algebra, and formal analysis, among others.

8 System Design security and accessibility, anonymity and accountability, privacy and availability security and accessibility, anonymity and accountability, privacy and availability

9 Implementation Problems bad random-number generators, don't check properly for error conditions, and leave secret information in swap files. bad random-number generators, don't check properly for error conditions, and leave secret information in swap files.

10 Cryptography for people Users want simplicity, convenience, and compatibility with existing (insecure) systems

11 State of Security Assume the WORST Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today.

12 Symmetric Key Plain Text Cipher Text

13 Cryptography and PKI

14 Things To Consider  Does the organization have enough resources/personnel to deploy and maintain the framework?  If so, do they possess the proper skill sets?  Will the security management model be centralized or decentralized?  What are the necessary components?  What vendors provide the necessary components?  do the components work together?

15 Public Key Infrastructure Algorithms: RSA, Diffie-Hellman, El Gamal, DSS.

16 RSA Key Generation Encryption Decryption Key Generation Encryption Decryption

17 DSS

18 PKC Considerations

19 Strengths & Limitations PKI Strengths  Enables organizations to streamline security  Ease of manageability and maintenance  Address security issues at the enterprise level  Total cost of ownership is reduced Strengths  Enables organizations to streamline security  Ease of manageability and maintenance  Address security issues at the enterprise level  Total cost of ownership is reduced Limitations  Interoperability between vendors and products  Interpretation of standards  Initial cost of implementation Limitations  Interoperability between vendors and products  Interpretation of standards  Initial cost of implementation

20 Popular VENDORS Baltimore Tech. Entrust Verisign Valicert DSS: iPlanet, Siemens, Critical Path, Oracle Baltimore Tech. Entrust Verisign Valicert DSS: iPlanet, Siemens, Critical Path, Oracle

Download ppt "Cryptography and PKI February 12, 2001 February 12, 2001 ABN AMRO."

Similar presentations

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Company Confidential The Internet offers no inherent security services to its users; the data transmitted.

1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Company Confidential The Internet offers no inherent security services to its users; the data transmitted.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
Security Systems Theory UG2 Module Introduction Themes 1. Top down design of security systems – security technologies as 'black boxes'. 2. Internal design.

Security Systems Theory UG2 Module Introduction Themes 1. Top down design of security systems – security technologies as 'black boxes'. 2. Internal design.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)

Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Technologies

Cryptographic Technologies
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Overview of Cryptography Anupam Datta CMU Fall 2007-08 18739A: Foundations of Security and Privacy.

Overview of Cryptography Anupam Datta CMU Fall A: Foundations of Security and Privacy.

Similar presentations

Ads by Google