A Novel Approach to combine Publickey encryption with Symmetrickey encryption


 Myra Reynolds
 3 years ago
 Views:
Transcription
1 Volume 1, No. 4, June 2012 ISSN The International Journal of Computer Science & Applications (TIJCSA) RESEARCH PAPER Available Online at A Novel Approach to combine Publickey encryption with Symmetrickey encryption Reena Sharma (Assistant Professor) Doon Velley Institute of Engg. & Tech. Karnal, Haryana ABSTRACT: P2P computing can be defined as the sharing of computer resources and services by direct exchange. P2P computing provides an alternative to the traditional client/server architecture, while employing the existing infrastructure of networks, servers, and clients. Security within network architectures is mainly a question about trust. The security solutions must be well organized so all participating entities will have faith in the security solutions. P2P is an application that runs on our computer and allows us to share files. Filesharing over P2P networks also puts the user at risk for computer viruses attached to the shared files. The security issues are especially important in peertopeer systems. It is because these systems are decentralized and no central administrator is responsible for the security issues. Secure data has to be protected during the transfer, if it is going to be sent to some other location. There are mainly two approaches used for authentication and encryption within a network. One approach uses symmetric algorithms with shared private keys and the other approach uses asymmetric algorithms with public keys. In this paper we are providing a novel approach to combine symmetric/public key encryption. In this paper we study the implementation of a secure application for both user and the employee. The primary focus of this paper is to provide a theoretical implementation of a new architecture for encrypting the database by combining the public key encrypton with symmetric key encryption. KEYWORDS: Data Encryption Standard, Rijndael Algorithm, Symmetric Encryption. Key Algorithm, Public Key INTRODUCTION: In this paper we have purposed a novel approach architecture for authentication in peertopeer networks by combining the public key encryption and secret keys encryption together. Using this concept for a new authentication mechanism we can provide an extreme secure environment by appropriately combining the symmetric key algorithms with the public key algorithms. We will also explain the public key and secret key algorithms and combine these algorithms to minimize the execution time and maximize the security. 2012,  TIJCSA All Rights Reserved 8
2 SECURITY: Security within network architectures is mainly a question about trust.the security issues are especially important in peertopeer systems. It is because these systems are decentralized and no central administrator is responsible for the security issues. In the P2P environment where every peer acts both as a client and a server, most of the users do not have any experience of how to support, run, or configure a server. This can open huge security holes in a system. PROPOSED CONCEPT: Here we are presenting a novel approach to combine the public key encryption with symmetric key encryption. The primary focus is to provide a theoretical implementation of a new architecture for encrypting the database. Major services offered by the intended application to both user and the employee are as follows:  Flexibility that it gives ability to add/delete users, services, employee, and documents.  Flexibility to change passwords. The secure application provides highly transparent environment to its users. There should be minimal input from the user due to security features.  The proposed application ensures that an administrator should not be able to decrypt the documents.  Recovery of documents is one of the key features that the proposed application offers is the forgotten passwords. In other words, the secure application makes sure that if a user forgets his/her password, they should not completely lose their documents.  Finally we design and develop this secure application by assuming that the communication is not secure at all. SECURITY MEASURES: One of the major objectives of the targeted secure application is to provide secure storage of the employee documents as well as maintaining authorized access to the documents for the authorized users. In order to maintain this level of security, there is a need to design a strong and secured application that let the documents of the employee being kept secret by implementing data Integrity and confidentiality as well as making the documents partially shared or available [LC08]. Our design approach, therefore, implements a complete line of defensive authentication and authorization cryptographic standards to protect the data and to maintain its integrity while at the same time making it available for the authorized users. In particular, in order to design and implement such a secured application, the following are the minimum key securityelements that should be addressed by us: User authentication and Authorization, Access Availability, Data encryption and decryption, Data integrity, and Document Accountability. Figure 1. shows the implementation of the above five security components for both employee as well as the users. Our proposed application uses the Rijndael cipher algorithm to perform data encryption and decryption. The key sharing will be secured by the implementation of the public key algorithm, RSA. The use of Rijndael cipher algorithm allows us to store the data in a compressed encrypted form which consequently results in a smallsize database. Moreover, we combine the secure hash algorithm 1 (SHA1) [SS09] with the RSA (which stands for Rivest, Shamir and Adleman who first publicly described it) public key algorithm to generate the digital signature 2012,  TIJCSA All Rights Reserved 9
3 for user authentication. Previously, there were several attempts to combine the RSA algorithm with the other security mechanism to provide a fast and secure implementation. For instance, number of researchers combined RSA algorithm with the Chinese remainder theorem (CRT) [JM03, DW04]. However, none of them described the implementation detail of these algorithms. The goal of our research work is to provide an extreme secure environment by appropriately combining the secret key algorithms with the public key algorithms. KEY CLASSIFICATION: The terminology of Table 1 is used in reference to keying material. A symmetric cryptographic system is a system System Administrator Entity Employee Entity Services Offered User Entity Employee can assign document to courses Document Encryption/ Decryption Database Users can access Course documen t (Figure 1) involving two transformations one for the originator and one for the recipient both of which make use of either the same secret key (symmetric key) or two keys easily computed from each other. An asymmetric cryptographic system is a system involving two related transformations one defined by a public key (the public transformation), and another defined by a private key (the private transformation) with the property that it is computationally infeasible to determine the private transformation from the public transformation. SYMMETRIC KEY/PUBLIC KEY ENCRYPTION: Symmetrickey and publickey encryption have a number of complementary advantages. Current cryptographic systems exploit the strengths of each. An example will serve to illustrate. Publickey encryption techniques may be used to establish a key for a symmetrickey system being used by communicating entities A and B. In this scenario A and B can take advantage of the long term nature of the public/private keys of the publickey scheme and the performance efficiencies of the symmetrickey scheme. Since data encryption is frequently the most time consuming part of the encryption process, the publickey scheme for key establishment is a small fraction of the total encryption process between A and B. SYMMETRIC ENCRYPTION: 2012,  TIJCSA All Rights Reserved 10
4 In this type of encryption, the sender and the receiver agree on a secret (shared) key. Then they use this secret key to encrypt and decrypt their sent messages. For the process of symmetric cryptography, Node A and B first agree on the encryption technique to be used in encryption and decryption of communicated data. Then they agree on the secret key that both of them will use in this connection. After the encryption setup finishes, node A starts sending its data encrypted with the shared key, on the other side node B uses the same key to decrypt the encrypted messages. SECRET KEYS: Early cryptographic systems used secret key methods for encoding private data. Secret key cryptography depends on the use of private keys for authentication and encryption. Two parties have to exchange secret keys with each other over some private, secure communications channel, and these keys are used to encode and decode messages. The basis for the security of the system is the secret key itself, but the secret key must be given to any agent that needs to communicate securely with you. This opens up the possibility of keys being stolen in transit, and finding a separate, secure way to transmit secret keys may be inconvenient, expensive, or just impossible. PUBLIC KEY ENCRYPTION: Public key encryption is the other type of encryption where two keys are used. To explain more, what Key1 can encrypt only Key2 can decrypt, and vice versa. It is also known as Public Key Cryptography (PKC), because users tend to use two keys: public key, which is known to the public, and private key which is known only to the user. For the process of public key encryption we use the two keys between node A and node B. After agreeing on the type of encryption to be used in the connection, node B sends its public key to node A. Node A uses the received public key to encrypt its messages. Then when the encrypted messages arrive, node B uses its private key to decrypt them. In 1976, Diffie and Hellman [DW76] published a paper describing a means for two parties to share cryptographic keys over a public communications channel without compromising the security of their private transmissions. Essentially, the technique involves the use of two keys by each party, a private key and a public key. A message encrypted with one party's public key can only be decrypted with that party's private key. PUBLIC KEYS: At the start of a conversation, two parties independently choose random private keys, which they keep to themselves. Then they generate a public key that is based on their private key. This public key can be freely shared with anyone, and can be used to encrypt messages to the party that owns the corresponding private key. Term private key, public key symmetric key Secret key Meaning Paired keys in an asymmetric cryptographic system key in a symmetric (singlekey) cryptographic system Adjective used to describe private or symmetric key Table 1: Private, public, Symmetric, and Secret keys. 2012,  TIJCSA All Rights Reserved 11
5 PUBLIC KEY ALGORITHM: Public key algorithms use a different key for encryption and decryption, and the decryption key cannot (practically) be derived from the encryption key. Public key methods are important because they can be used to transmit encryption keys or other data securely even when the parties have no opportunity to agree on a secret key in private. All known methods are quite slow, and they are usually only used to encrypt session keys (randomly generated "normal" keys), that are then used to encrypt the bulk of the data using a symmetric cipher. RSA (RivestShamirAdelman): is the most commonly used public key algorithm. Can be used both for encryption and for signing. It is generally considered to be secure when sufficiently long keys are used (512 bits is insecure, 768 bits is moderately secure, and 1024 bits is good). The security of RSA relies on the difficulty off actoring large integers. Dramatic advances in factoring large integers would make RSA vulnerable. RSA is currently the most important public key algorithm. It is patented in the United States (expires year 2000), and free elsewhere. This is the most widely used public key algorithm. It is relatively easy to understand and implement.one should know that RSA is very vulnerable to Chosen paint attack. There is also a new timing attack. that can be used to break many implementations of RSA. The RSA algorithm is believed to be safe when used properly, but one must be very careful when using it to avoid these attacks The RSA algorithm, named for its creators Ron Rivest, Adi Shamir, and Leonard Adleman, is currently one of the favorite public key encryption methods. Here is the algorithm: Key generation: o Select random prime numbers p and q, and check that p!= q o Compute modulus n = pq o Compute phi ф,= (p  1)(q  1) o Select public exponent e, 1 < e < ф such that gcd(e, ф) = 1 o Compute private exponent d = e  1 mod ф o Public key is {n, e}, private key is d Encryption: c = m e mod n, decryption: m = c d mod n Digital signature: s = H(m) d mod n, verification: m' = s e mod n, if m' = H(m) signature is correct. H is a publicly known hash function. DiffieHellman: is a commonly used publickey algorithm for key exchange. It is generally considered to be secure when sufficiently long keys and proper generators are used. The security of DiffieHellman relies on the difficulty of the discrete logarithm problem (which is believed to be computationally equivalent to factoring large integers). DiffieHellman is claimed to be patented in the United States, but the patent expires April 29, There are also strong rumors that the patent might in fact be invalid (there is evidence of it having been published over an year before the patent application was wiled). There is also a new timing attack that can be used to break many implementations of DiffieHellman. DSS (Digital Signature Standard): A signatureonly mechanism endorsed by the United States Government. Its design has not been made public, and many people have found potential problems with it (e.g., leaking hidden data the signature, and revealing your secret key if you ever happen to sign two different messages using the same random number). It was recently patented by the US government, and there is also another patent on it, which is licensed at an initial payment of USD plus royalties in US and Europe. 2012,  TIJCSA All Rights Reserved 12
6 SECRET KEY ALGORITHM: Secret key algorithms use the same key for both encryption and decryption (or the other is easily derivable from the other). DES (Digital Encryption Standard): is an algorithm developed in the 1970s. It was made a standard by the US government, and has also been adopted by several other governments worldwide. It is widely used, especially in the financial industry. DES is a block cipher with 64bit block size. It uses 56bit keys. DES utilized symmetrickey (or privatekey) encryption, in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. The key is a string of digits that has been generated by a complex mathematical algorithm, or formula. Privatekey encryption differs from publickey encryption, which utilizes two keys a public key to encrypt messages and a private key to decrypt them. Privatekey systems are simpler and faster, but their main drawback is that both parties must somehow exchange the key in a secure manner. Publickey encryption avoids this problem because the public key can be distributed in a nonsecure way, and the private key is never transmitted. In the former case, secrecy is shared between only two users, whereas in the latter, the public key is a more or less an "open secret." Thus, publickey encryption requires many more bits to rival privatekey systems' level of protection. This form of encryption is fairly computer intensive, so what sometimes is done is to encrypt a onetime "secret key" with RSA technology, then encrypt the rest of the message with the secret key, then encrypt my signature in the second fashion. You then reverse this process so if the message and the signature are readable, you and only you can read it and you are ensured that I sent the message. Public key cryptography, when it's extended to include certificates for authenticating the owner of public keys, is a powerful way to authenticate agents and carry out secure communications with them. And we can carry out secure communications without the need for secondary, private channels for secret key transmissions. The main disadvantage to public key methods is the additional overhead involved in encoding and decoding information. Since it relies on a more complex mathematical algorithm, secure public key I/O involves using more CPU time per kilobyte of data transferred and received. Our proposed application (figure2) uses the Rijndael cipher algorithm to perform data encryption and decryption. The key sharing will be secured by the implementation of the public key algorithm, RSA. The use of Rijndael cipher algorithm allows us to store the data in a compressed encrypted form which consequently results in a smallsize database. Moreover, we combine the secure hash algorithm 1 (SHA1) [SS09] with the RSA (which stands for Rivest, Shamir and Adleman who first publicly described it) public key algorithm to generate the digital signature for user authentication. Previously, there were several attempts to combine the RSA algorithm with the other security mechanism to provide a fast and secure implementation. For instance, number of researchers combined RSA algorithm with the Chinese remainder theorem (CRT) [JM03, DW04]. However, none of them described the implementation detail of these algorithms. The goal of our research work is to provide an extreme secure environment by appropriately combining the secret key algorithms with the public key algorithms. CONCLUSION: 2012,  TIJCSA All Rights Reserved 13
7 Combining these algorithms allows us to minimize the execution time (e.g., using private key algorithm such as DES rather than public key algorithm such as RSA) and maximize the security (e.g., using public key algorithm to avoid the use a secret key). For instance, RSA is about 1000 times slower than DES. This is partly a result of the fact that secure key lengths for public key algorithms are about 100 times longer than comparablestrength symmetric keys [KY09]. It is also a result of the fact that the mathematical operations required to implement the popular flavours of publickey encryption are much more complicated than those required for popular symmetrickey algorithms.using this concept for a new authentication mechanism we can provide an extreme secure environment by appropriately combining the symmetric key algorithms with the public key algorithms. The public key and secret key algorithms have been explained above and combining these algorithms allows us to minimize the execution time and maximize the security. (Figure2) Block diagram to combine Public key Encryption with Symmetric key encryption. Users: employee or/and users Username Password Derived Bytes Algorithm Message (M) M KEY (K) IV HASH: SHA1 Algorithm Uses the Key (K) to encrypt the message (M) Encryption Rijndael Algorithm Message Digest (MD) (Generating public, private & secret key) Encrypted Message IV KEY (K) Digital Signature RSA & DES Algorithm Secret Key, Private key & Public Key MD Receiver Rijndael Algorithm & DES Algorithm SHA1 Algorithm Digital Signature (DS) Message Digest (MD) Message Digest (MD) = 2012,  TIJCSA All Rights Reserved 14
8 REFERENCES: [DW76] Diffie, W., and Hellman, M. New Directions in Cryptography. IEEE Trans. Info. Theory 22 (1976), [JV02] J. Daemen and V. Rijmen. The Design of Rijndael: AES The Advanced Encryption Standard [JM03] J. Blömer, M. Otto, J. Seifert. A new CRTRSA algorithm secure against bellcore attacks. Proceedings of the 10th ACM Conference on Computer and Communications Security, pp , Washington D.C., USA, October [ DW04] D. Wagner. Cryptanalysis of a provably secure CRTRSA algorithm. Proceedings of the 11th ACM conference on Computer and communications security, pp , Washington D.C., USA, [LC08] L. Catuogno and A. Santis. An internet rolegame for the laboratory of network security course. Proceedings of the 13th annual conference on Innovation and technology in computer science education, pp , June [JB09] Jalpa Bani and Syed S. Rizvi. A New Dynamic Cache Flushing (DCF) Algorithm for reventing Cache Timing Attack. International Journal of Computer Science and Information Security (IJCSIS). Vol. 4, No.1, pp , [SS09] S. Sanadhya and P. Sarkar. A new hash family obtained by modifying the SHA2 family. Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pp , Sydney, Australia, [KY09] K. Yumbul and E. Savas. Efficient, secure, and isolated execution of cryptographic algorithms on a cryptographic unit. Proceedings of the 2nd international conference on Security of information and networks, pp , Famagusta, North Cyprus, [SA09] Syed S. Rizvi, Aasia Riasat, Khaled M. Elleithy. Combining private and public key encryption techniques, International journal of network security & its application (IJNSA), Vol.2, No.1, ,  TIJCSA All Rights Reserved 15
COMBINING PRIVATE AND PUBLIC KEY ENCRYPTION TECHNIQUES FOR PROVIDING EXTREME SECURE ENVIRONMENT FOR AN ACADEMIC INSTITUTION APPLICATION
COMBINING PRIVATE AND PUBLIC KEY ENCRYPTION TECHNIQUES FOR PROVIDING EXTREME SECURE ENVIRONMENT FOR AN ACADEMIC INSTITUTION APPLICATION 1 Syed S. Rizvi, 2 Aasia Riasat, 3 Khaled M. Elleithy 1, 3 Computer
More informationThe Mathematics of the RSA PublicKey Cryptosystem
The Mathematics of the RSA PublicKey Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through
More information1720  Forward Secrecy: How to Secure SSL from Attacks by Government Agencies
1720  Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationCryptography and Network Security Chapter 9
Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,
More informationCRYPTOGRAPHY IN NETWORK SECURITY
ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIENCHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can
More informationPublic Key (asymmetric) Cryptography
PublicKey Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 20 PublicKey Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown PublicKey Cryptography
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; DH key exchange; Hash functions; Application of hash
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an applicationlevel protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 81
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 81 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationAN IMPLEMENTATION OF HYBRID ENCRYPTIONDECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES
HYBRID RSAAES ENCRYPTION FOR WEB SERVICES AN IMPLEMENTATION OF HYBRID ENCRYPTIONDECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES Kalyani Ganesh
More informationIMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT
INTERNATIONAL JOURNAL OF RESEARCH IN COMPUTER APPLICATIONS AND ROBOTICS ISSN 23207345 IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT Merlin Shirly T 1, Margret Johnson 2 1 PG
More informationSECURITY IMPROVMENTS TO THE DIFFIEHELLMAN SCHEMES
www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIEHELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationLukasz Pater CMMS Administrator and Developer
Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? Oneway functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA DiffieHellman Key Exchange Public key and
More informationCryptography and Network Security
Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA PrivateKey Cryptography traditional private/secret/single key cryptography uses one key shared
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationMathematical Model Based Total Security System with Qualitative and Quantitative Data of Human
Int Jr of Mathematics Sciences & Applications Vol3, No1, JanuaryJune 2013 Copyright Mind Reader Publications ISSN No: 22309888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative
More informationCryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice
Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationPeertoPeer Networks Anonymity (1st part) 8th Week
PeertoPeer Networks Anonymity (1st part) 8th Week Department of Computer Science 1 Motivation Society Free speech is only possible if the speaker does not suffer negative consequences Thus, only an anonymous
More informationSoftware Tool for Implementing RSA Algorithm
Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the mostcommon used algorithms for publickey
More informationNetwork Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering
Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:
More informationSecurity. Contents. S72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Maninthemiddle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationPublic Key Cryptography Overview
Ch.20 PublicKey Cryptography and Message Authentication I will talk about it later in this class Final: Wen (5/13) 16301830 HOLM 248» give you a sample exam» Mostly similar to homeworks» no electronic
More informationAC76/AT76 CRYPTOGRAPHY & NETWORK SECURITY DEC 2014
Q.2a. Define Virus. What are the four phases of Viruses? In addition, list out the types of Viruses. A virus is a piece of software that can infect other programs by modifying them; the modification includes
More informationThe science of encryption: prime numbers and mod n arithmetic
The science of encryption: prime numbers and mod n arithmetic Go check your email. You ll notice that the webpage address starts with https://. The s at the end stands for secure meaning that a process
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More information2. Securing Transactions
INVESTIGATING THE EFFICIENCY OF CRYPTOGRAPHIC ALGORITHMS IN ONLINE TRANSACTIONS C. Lamprecht 1 A. van Moorsel P. Tomlinson N. Thomas School of Computing Science, University of Newcastle upon Tyne, UK Abstract
More informationSecure File Transfer Using USB
International Journal of Scientific and Research Publications, Volume 2, Issue 4, April 2012 1 Secure File Transfer Using USB Prof. R. M. Goudar, Tushar Jagdale, Ketan Kakade, Amol Kargal, Darshan Marode
More informationA Factoring and Discrete Logarithm based Cryptosystem
Int. J. Contemp. Math. Sciences, Vol. 8, 2013, no. 11, 511517 HIKARI Ltd, www.mhikari.com A Factoring and Discrete Logarithm based Cryptosystem Abdoul Aziz Ciss and Ahmed Youssef Ecole doctorale de Mathematiques
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and nonrepudiation. How to obtain a digital certificate. Installing
More informationNetwork Security. HIT Shimrit TzurDavid
Network Security HIT Shimrit TzurDavid 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More information7! Cryptographic Techniques! A Brief Introduction
7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (PublicKey) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures
More informationNotes on Network Security Prof. Hemant K. Soni
Chapter 9 Public Key Cryptography and RSA PrivateKey Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications
More informationACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES. Daniela Bojan and Sidonia Vultur
ACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES Daniela Bojan and Sidonia Vultur Abstract.The new services available on the Internet have born the necessity of a permanent
More informationCS 348: Computer Networks.  Security; 30 th  31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks  Security; 30 th  31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More informationCryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.
Cryptosystems Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K. C= E(M, K), Bob sends C Alice receives C, M=D(C,K) Use the same key to decrypt. Public
More informationSecure Network Communication Part II II Public Key Cryptography. Public Key Cryptography
Kommunikationssysteme (KSy)  Block 8 Secure Network Communication Part II II Public Key Cryptography Dr. Andreas Steffen 20002001 A. Steffen, 28.03.2001, KSy_RSA.ppt 1 Secure Key Distribution Problem
More informationA SOFTWARE COMPARISON OF RSA AND ECC
International Journal Of Computer Science And Applications Vol. 2, No. 1, April / May 29 ISSN: 97413 A SOFTWARE COMPARISON OF RSA AND ECC Vivek B. Kute Lecturer. CSE Department, SVPCET, Nagpur 9975549138
More informationChapter 7 TransportLevel Security
Cryptography and Network Security Chapter 7 TransportLevel Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8  Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
More informationTable of Contents. Bibliografische Informationen http://dnb.info/996514864. digitalisiert durch
1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...
More informationDiscrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier
Discrete logarithms within computer and network security Prof Bill Buchanan, Edinburgh Napier http://asecuritysite.com @billatnapier Introduction. Encryption: Public/Private Key. Key Exchange. Authentication.
More informationMANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS
INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND SCIENCE MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS Kanchupati Kondaiah 1, B.Sudhakar 2 1 M.Tech Student, Dept of CSE,
More informationPublic Key Cryptography and RSA. Review: Number Theory Basics
Public Key Cryptography and RSA Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Review: Number Theory Basics Definition An integer n > 1 is called a prime number if its positive divisors are 1 and
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 81
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 81 Goals v understand principles of network security: cryptography and its many uses beyond
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationSome solutions commonly used in order to guarantee a certain level of safety and security are:
1. SSL UNICAPT32 1.1 Introduction The following introduction contains large excerpts from the «TCP/IP Tutorial and Technical Overview IBM Redbook. Readers already familiar with SSL may directly go to section
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an applicationlayer protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING
ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING Sonam Mahajan 1 and Maninder Singh 2 1 Department of Computer Science Engineering, Thapar University, Patiala, India 2 Department of Computer Science Engineering,
More informationSeparable & Secure Data Hiding & Image Encryption Using Hybrid Cryptography
502 Separable & Secure Data Hiding & Image Encryption Using Hybrid Cryptography 1 Vinay Wadekar, 2 Ajinkya Jadhavrao, 3 Sharad Ghule, 4 Akshay Kapse 1,2,3,4 Computer Engineering, University Of Pune, Pune,
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure email transport
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationAn Efficient data storage security algorithm using RSA Algorithm
An Efficient data storage security algorithm using RSA Algorithm Amandeep Kaur 1, Sarpreet Singh 2 1 Research fellow, Department of Computer Science and Engineering, Sri Guru Granth Sahib World University,
More informationCloud Security and Algorithms: A Review Divya saraswat 1, Dr. Pooja Tripathi 2 1
Cloud Security and Algorithms: A Review Divya saraswat 1, Dr. Pooja Tripathi 2 1 M.Tech Dept. of Computer Science, IPEC, Ghaziabad, U.P. 2 Professor, Dept. of Computer science, IPEC, Ghaziabad, U.P. Abstract:
More informationPublic Key Cryptography. c Eli Biham  March 30, 2011 258 Public Key Cryptography
Public Key Cryptography c Eli Biham  March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known apriori to all the users, before they can encrypt
More informationCryptography & Digital Signatures
Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.
More informationOverview of PublicKey Cryptography
CS 361S Overview of PublicKey Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.16 slide 2 PublicKey Cryptography public key public key? private key Alice Bob Given: Everybody knows
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationDigital Signatures. Meka N.L.Sneha. Indiana State University. nmeka@sycamores.indstate.edu. October 2015
Digital Signatures Meka N.L.Sneha Indiana State University nmeka@sycamores.indstate.edu October 2015 1 Introduction Digital Signatures are the most trusted way to get documents signed online. A digital
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationCryptography and Security
Cunsheng DING Version 3 Lecture 17: Electronic Mail Security Outline of this Lecture 1. Email security issues. 2. Detailed introduction of PGP. Page 1 Version 3 About Electronic Mail 1. In virtually all
More informationLecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationAStudyofEncryptionAlgorithmsAESDESandRSAforSecurity
Global Journal of Computer Science and Technology Network, Web & Security Volume 13 Issue 15 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationMathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information
The : Keeping Eve The Eavesdropper Away From Your Credit Card Information Department of Mathematics North Dakota State University 16 September 2010 Science Cafe Introduction Disclaimer: is not an internet
More informationUSING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationPGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO
PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO In The Next 15 Minutes, You May Know What is PGP? Why using PGP? What can it do? How did it evolve? How does it work? How to work it? What s its limitation?
More informationConnected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business knowhow, or photographs  in short, anything that must be kept safe.
More informationSecure ECommerce: Understanding the Public Key Cryptography Jigsaw Puzzle
CRYPTOGRAPHY Secure ECommerce: Understanding the Public Key Cryptography Jigsaw Puzzle Viswanathan Kodaganallur, Ph.D. Today almost all organizations use the Internet extensively for both intra and interorganizational
More informationReview of methods for secret sharing in cloud computing
Review of methods for secret sharing in cloud computing Dnyaneshwar Supe Amit Srivastav Dr. Rajesh S. Prasad Abstract: Cloud computing provides various IT services. Many companies especially those who
More informationOutline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures
Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike
More informationElements of Security
Elements of Security Dr. Bill Young Department of Computer Sciences University of Texas at Austin Last updated: April 15, 2015 Slideset 8: 1 Some Poetry Mary had a little key (It s all she could export)
More informationSymmetric Key cryptosystem
SFWR C03: Computer Networks and Computer Security Mar 811 200 Lecturer: Kartik Krishnan Lectures 222 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single
More informationEXAM questions for the course TTM4135  Information Security May 2013. Part 1
EXAM questions for the course TTM4135  Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationKy Vu DeVry University, Atlanta Georgia College of Arts & Science
Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Table of Contents  Objective  Cryptography: An Overview  Symmetric Key  Asymmetric Key  Transparent Key: A Paradigm Shift  Security
More informationData Grid Privacy and Secure Storage Service in Cloud Computing
Data Grid Privacy and Secure Storage Service in Cloud Computing L.Revathi 1, S.Karthikeyan 2 1 Research Scholar, Department of Computer Applications, Dr. M.G.R. Educational and Research Institute University,
More informationNetwork Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 035742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室
Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 035742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination
More informationEfficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms
Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Radhika G #1, K.V.V. Satyanarayana *2, Tejaswi A #3 1,2,3 Dept of CSE, K L University, Vaddeswaram522502,
More informationElements of Applied Cryptography Public key encryption
Network Security Elements of Applied Cryptography Public key encryption Public key cryptosystem RSA and the factorization problem RSA in practice Other asymmetric ciphers Asymmetric Encryption Scheme Let
More informationIntroduction to Cryptography
Introduction to Cryptography Part 3: real world applications JeanSébastien Coron January 2007 Publickey encryption BOB ALICE Insecure M E C C D channel M Alice s publickey Alice s privatekey Authentication
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Prerequisites in Information and Network Security Chapter
More informationJournal of Electronic Banking Systems
Journal of Electronic Banking Systems Vol. 2015 (2015), Article ID 614386, 44 minipages. DOI:10.5171/2015.614386 www.ibimapublishing.com Copyright 2015. Khaled Ahmed Nagaty. Distributed under Creative
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS70006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationCapture Resilient ElGamal Signature Protocols
Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department
More informationAuthentication, digital signatures, PRNG
Multimedia Security Authentication, digital signatures, PRNG Mauro Barni University of Siena Beyond confidentiality Up to now, we have been concerned with protecting message content (i.e. confidentiality)
More informationClient Server Registration Protocol
Client Server Registration Protocol The ClientServer protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationNetwork Security Essentials Chapter 5
Network Security Essentials Chapter 5 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 5 TransportLevel Security Use your mentality Wake up to reality From the song, "I've Got
More informationSFWR ENG 4C03  Computer Networks & Computer Security
KEY MANAGEMENT SFWR ENG 4C03  Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,
More informationSecure Key Exchange for Cloud Environment Using Cellular Automata with TripleDES and ErrorDetection
Secure Key Exchange for Cloud Environment Using Cellular Automata with TripleDES and ErrorDetection Govinda.K 1, Sathiyamoorthy.E *2, Surbhit Agarwal 3 # SCSE,VIT University Vellore,India 1 kgovinda@vit.ac.in
More informationRSA Keys with Common Factors
RSA Keys with Common Factors Joppe W. Bos Cryptography group extreme Computing Group, Microsoft Research 1 / 19 Outline 2 / 19 PublicKey Cryptography 3 / 19 Cryptanalysis of PublicKey Cryptography Popular
More information