# SECURITY IN LOW RESOURCE ENVIRONMENTS

Size: px
Start display at page:

## Transcription

2 becomes KHOOR. Anyone possessing the secret key n = 3 can decrypt by shifting back three letters. In a symmetric cryptosystem, the method used of encrypting and decrypting is the same, hence the term symmetric. Any individual in possession of the secret key can encrypt and decrypt messages at will. There are many known deficiencies in symmetric encryption, particularly in a local network, but because this method is computationally efficient it is used in many commercial applications like WiFi networks. Perhaps the biggest problem to arise is that if the secret key is shared by a large number of users there is a great danger that it can get into the hands of an intruder, thereby compromising all confidential information. One solution to this problem is to routinely change and redistribute keys. But how do you transport the secret key from the sender to the recipient securely and in a tamperproof fashion? This leads to another significant problem - the generation, transmission, and storage of secret keys, which is called key management. The most important solution to the key management problem was obtained by Whitfield Diffie and Martin Hellman in 1976 ([Diffie Hellman, 1976]) who introduced public key cryptography. In a public key protocol there is a public key (known to everybody) and a protocol (known to everybody). There is also a private key which is in the sole possession of the intended recipient. Anyone can send an encrypted message by just using the public key and the public protocol, but the message can only be decrypted by someone who is in possession of the private key. It is not necessary to know the private key in order to encrypt a message! In practice, the public key protocol is used to securely distribute keys, thereby, solving the key management problem. There are several current public key cryptosystems in wide commercial use including RSA, Diffie-Hellman, and Elliptic Curve Cryptography (ECC). Each of these systems has as its foundation the mathematical field of number theory. The security of these systems is based on the hardness of factoring, the discrete log problem in finite fields, and the discrete log problem in elliptic curves, respectively. inherently slow because they require the multiplication and division of very large numbers. ECC does run faster than RSA but still requires long and time consuming computations on geometric objects (elliptic curves). These methods simply cannot fit on a small RFID tag (e.g. EPCglobal Class 1 Generation 2 tag) without compromising security. An RSA or Diffie-Hellman key transfer (1024 bits) requires about 1000 repeated squarings and divisions of a 1024 bit number. Just one such squaring and division could take several seconds on a low resource chip. Clearly, 1000 such operations cannot be performed in feasible time on a processor with very few gates and low memory storage capability. The ECC cryptosystem can reduce the running time of an RSA computation by as much as 3 to 10 times, but it is still not possible to fit such a system on a low cost processor. If RFID systems are going to provide the needed authentication, data protection, and repudiation at the tag-reader level then a new methodology will clearly be needed. THE ALGEBRAIC ERASER : A BREAKTHROUGH SOLUTION FOR THE FUTURE In order to work within the space and time constraints of a low resource environment the SecureRF team has developed the ground breaking concept of the Algebraic Eraser TM (AE). The AE is the engine within the SecureRF security solutions that supports a wide range of crypto functions including authentication, data protection, and repudiation. An asymmetric cryptosystem using the AE protocol would function as follows: a public key first leaves an imprint on a private key, and then the result of this process is put through a cloaking function. The security of the system lies in the fact that this process is not feasibly reversible, i.e., the required data which would allow for the system to be reversed (and hence broken) has been effectively erased by the AE process itself. The above public key protocols cannot, and never will address the security issue in low resource environments due to their computational foundations. Each of these protocols run in quadratic time and each are SecureRF White Paper 2 January 2006

3 Public Imprinting Function Cloaking Function Private Key Algebraic Eraser local network with many users. Each user will be in possession of a public key (known to everybody and published in a directory) and a private key known only to the user. A message can be sent to a particular user by encrypting the message with the public key of the user. Only the particular user can decrypt the message, because only he (or she) has possession of the required private key. The same process can be used for authentication. Shared Secret Key Traditional asymmetric cryptosystems have had their mathematical foundations either in classical number theory, finite fields, or elliptic curve theory. A relatively new branch of modern mathematics is infinite group theory which is the study of a group of infinitely many reversible operations such as the braiding of strings. A significant feature of the Algebraic Eraser is that it is based on the dynamic synergy between two distinct mathematical theories: infinite group theory number theory. By bringing two fields together in this revolutionary manner, the security of the cryptosystem is enhanced by having a broader foundation. The complimentary nature of these combined theories eliminates corresponding weaknesses in each field resulting in fewer attack points. Infinite group theory brings a new security foundation that is akin to the fact that an ordinary fishing line can get entangled in a few seconds while it may take hours to untangle. The SecureRF cryptosystem in its most basic form allows for a transmitter and receiver in a low resource environment to have a communication/exchange over a public channel after which the transmitter and receiver are both in possession of a shared secret key that can be used for further cryptographic applications. An adversary eavesdropping on the open public channel will be unable to determine the shared secret key due to the cloaking properties of the AE. The AE can be used for authentication and encryption as follows. Assume we have a The AE is the world s first protocol to run in linear time in the key length and use very little memory because it is erasing information as the algorithm proceeds. This is opposed to traditional asymmetric cryptosystems which run in quadratic time and require a lot of storage in order to perform multiplication and division of very large numbers. In practice, this means the running time of the AE protocol is thousands of times faster than traditional asymmetric cryptosystems, and it can perform authentication and encryption in real time on extremely small low cost processors such as inexpensive RFID tags. The AE protocol can be performed in approximately 500,000 elementary bit operations to create a shared secret key of 512 bits with a running time which is several thousand times faster than the running time for the creation of an equally secure RSA or Diffie-Hellman key. The running time is also several hundred times faster than the protocol for the creation of an ECC key. The only attack known on this system, at present, is a brute force attack which is analogous to trying every combination on a combination lock. Such a brute force attack requires years of computer time. The extraordinary gain in computational expense makes the SecureRF cryptosystem ideal for low resource computing environments. The following chart gives comparisons of the running times (in bit operations per second) between RSA, ECC, and AE in terms of security level. The blue line represents the very slow running time capability of low cost RFID chips. Note that both RSA and ECC can only work on low cost RFID in an insecure mode if at all. The AE protocol, on the other hand, runs in linear time and can operate securely on a low cost RFID chip. SecureRF White Paper 3 January 2006

4 Bit Operations Per Second a 1MHz sweet-spot in the power consumption vs. computational throughput tradeoff. Low Cost RFID Insecure RSA ECC Security STRATEGIC ADVANTAGES The incredible speed and efficiency of the Algebraic Eraser makes it a breakthrough innovation in cryptography. Some of its important strategic advantages and avenues of applications are: AE As the promise of RFID grows exponentially so does the demand for good security methods that can support the significant privacy concerns this technology raises. Many of the initial adopters; the Department of Defense, the FDA, the financial sector, and Homeland Security all have obvious needs for security in their implementations. As consumers come to understand the power and capability of RFID we can now see their demands to address privacy issues further promoting the need for good security. Until now, the industry has unsuccessfully turned to 20 year old commercial protocols to address these security needs and we have seen that they simply can not operate in the low-resource world of RFID. SecureRF, and the Algebraic Eraser, offers the first real cryptographically strong solutions that can uniquely deliver the safety and security demanded by the government and commercial implementations now underway.. Algorithms run in linear time with respect to key length and employ highly nonlinear operations in a non-commutative infinite algebraic structure making for extremely high security. Disposable keys which can be created as needed. Real time authentication in extremely low resource environments. SecureRF encryption technologies employ novel algebraic methods so there is no need for heroic efforts on the part of VLSI designers to achieve performance bounds at prohibitive costs. SecureRF technology can be used to produce highly efficient and low cost PRNG s (pseudorandom number generators), hash functions, and stream ciphers. The first linear time public key cryptosystem that can fit on a processor of 8K ROM, 256 bytes of RAM and 256 bytes of non-volatile memory, which can be clocked over a wide range and has SecureRF White Paper 4 January 2006

5 REFERENCES [Chasney 2005] J. Chasney, Are Contactless Payment Cards Tickets to Wholesale Fraud?, CIO Insight (August 18, 2005) Available at 341,00.asp [Diffie Hellman, 1976] W. Diffie, M.E. Hellman, New directions in cryptography, IEEE Trans. Inform. Theory, IT-22, 6, (1976), pages [Garfinkel-Juels-Pappu 2005] S.L. Garfinkel, A. Juels and R. Pappu, RFID Privacy and Security: An Overview of Problems and Proposed Solutions, IEEE SEcurity and Privacy, Volume 3 Number 3 (May/June 2005), pages [Hachman 2004] M. Hachman, RFID Hack Could Allow Retail Fraud, eweek (July 29, 2004). Available at 4,00.asp [Hancke 2005] G. Hancke, A Practical Relay Attack on ISO Proximity Cards, University of Cambridge Manuscript (February 2005). Available at [Rothfeder 2004] J. Rothfeder, What s Wrong with RFID?, CIO Insight (August 1, 2004) Available at 44,00.asp [Sarma 2005] S. Sarma, A History of EPC, in RFID Applications, Security and Privacy, edited by S. Garfinkel and B. Rosenberg, Addison Wesely (2005), Chapter 3, pages [Schwartz 2005] J. Schwartz, Graduate Cryptographers Unlock Code of Thiefproof Car Key, New York Times (January 29, 2005). Available from nytimes.com at ml?adxnnl=1&adxnnlx= SecureRF White Paper 5 January 2006

### Privacy and Security in library RFID Issues, Practices and Architecture

Privacy and Security in library RFID Issues, Practices and Architecture David Molnar and David Wagner University of California, Berkeley CCS '04 October 2004 Overview Motivation RFID Background Library

### Lightweight Cryptography. Lappeenranta University of Technology

Lightweight Cryptography Dr Pekka Jäppinen Lappeenranta University of Technology Outline Background What is lightweight Metrics Chip area Performance Implementation tradeoffs Current situation Conclusions

### Strengthen RFID Tags Security Using New Data Structure

International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University

### Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

### RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

April 10, 2006 Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark 1 Outline What is RFID RFID usage Security threats Threat examples Protection Schemes for

### Notes on Network Security Prof. Hemant K. Soni

Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications

### The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

### CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC

### Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

### Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

### Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

### Security in Near Field Communication (NFC)

Security in Near Field Communication (NFC) Strengths and Weaknesses Ernst Haselsteiner and Klemens Breitfuß Philips Semiconductors Mikronweg 1, 8101 Gratkorn, Austria ernst.haselsteiner@philips.com klemens.breitfuss@philips.com

### Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers

Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart OV-Chipkaart Security Issues Tutorial for Non-Expert Readers The current debate concerning the OV-Chipkaart security was

### Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

Kommunikationssysteme (KSy) - Block 8 Secure Network Communication Part II II Public Key Cryptography Dr. Andreas Steffen 2000-2001 A. Steffen, 28.03.2001, KSy_RSA.ppt 1 Secure Key Distribution Problem

### Cryptography and Network Security

Cryptography and Network Security Fifth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared

### A Study on the Security of RFID with Enhancing Privacy Protection

A Study on the Security of RFID with Enhancing Privacy Protection *Henry Ker-Chang Chang, *Li-Chih Yen and *Wen-Chi Huang *Professor and *Graduate Students Graduate Institute of Information Management

### CRYPTOGRAPHY IN NETWORK SECURITY

ELE548 Research Essays CRYPTOGRAPHY IN NETWORK SECURITY AUTHOR: SHENGLI LI INSTRUCTOR: DR. JIEN-CHUNG LO Date: March 5, 1999 Computer network brings lots of great benefits and convenience to us. We can

1 Introduction to Cryptography and Data Security 1 1.1 Overview of Cryptology (and This Book) 2 1.2 Symmetric Cryptography 4 1.2.1 Basics 4 1.2.2 Simple Symmetric Encryption: The Substitution Cipher...

### RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project

RFID Security and Privacy: A Research Survey Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey 1. Introduction 2. Security and privacy problems 3. Basic RFID tags 4.

### Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked

### Computer Security: Principles and Practice

Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography

### Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

### RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:

### Cryptography and Network Security Chapter 10

Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 10 Other Public Key Cryptosystems Amongst the tribes of Central

### Center for Internet Security. INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO

INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Private and Public Key Cryptography and Ransomware December 2014 Authored by:ted Fischer (CIS) Security Operations

### 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

### Client Server Registration Protocol

Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

### Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two

### SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

www.arpapress.com/volumes/vol8issue1/ijrras_8_1_10.pdf SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES Malek Jakob Kakish Amman Arab University, Department of Computer Information Systems, P.O.Box 2234,

### Guide to Data Field Encryption

Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations

### Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

### Overview of CSS SSL. SSL Cryptography Overview CHAPTER

CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

### An Introduction to Cryptography and Digital Signatures

An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through

### Associate Prof. Dr. Victor Onomza Waziri

BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,

### Mobile Medical Records. Project Proposal

Mobile Medical Records Project Proposal Paul Brittan Shelley-Ann Petzer Table of Contents 1. Project Description... 2 2. Problem Statement... 2 2.1 Research Aims... 2 2.1.1 The performance comparisons

### White Paper. Enhancing Website Security with Algorithm Agility

ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today

### IT Networks & Security CERT Luncheon Series: Cryptography

IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI

### SPINS: Security Protocols for Sensor Networks

SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, J.D. Tygar, Victor Wen, and David Culler Department of Electrical Engineering & Computer Sciences, University of California

### Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:

### CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

### The science of encryption: prime numbers and mod n arithmetic

The science of encryption: prime numbers and mod n arithmetic Go check your e-mail. You ll notice that the webpage address starts with https://. The s at the end stands for secure meaning that a process

### YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is

### Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

### The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems

### Enabling the secure use of RFID

Enabling the secure use of RFID BLACK ME/FOTOLIA.com Enhancing security of radio frequency identification to connect safely to the Internet of Things UHF radio frequency identification (RFID) promises

### ID-based Cryptography and Smart-Cards

ID-based Cryptography and Smart-Cards Survol des techniques cryptographiques basées sur l identité et implémentation sur carte à puce The Need for Cryptography Encryption! Transform a message so that only

### High-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago

High-speed cryptography and DNSCurve D. J. Bernstein University of Illinois at Chicago Stealing Internet mail: easy! Given a mail message: Your mail software sends a DNS request, receives a server address,

### RESEARCH SURVEY ON MIFARE WITH RFID TECHNOLOGY

RESEARCH SURVEY ON MIFARE WITH RFID TECHNOLOGY S.SRINIVASAN Assistant Professor, School of Computing, SASTRA University, Kumbakonam-612001 Tamil Nadu, India ramuluvasan@rediffmail.com Dr. C. CHANDRASEKAR

### INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003

INTRODUCTION to CRYPTOGRAPHY & CRYPTOGRAPHIC SERVICES on Z/OS BOSTON UNIVERSITY SECURITY CAMP MARCH 14, 2003 History of Cryptography The concept of securing messages through cryptography has a long history.

### Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur

Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)

### RFID Security: Threats, solutions and open challenges

RFID Security: Threats, solutions and open challenges Bruno Crispo Vrije Universiteit Amsterdam crispo@cs.vu.nl 1 Table of Content RFID technology and applications Security Issues Privacy Proposed (partial)

### 7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

### Overview. SSL Cryptography Overview CHAPTER 1

CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

### Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,

### Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2

Effective Secure Encryption Scheme [One Time Pad] Using Complement Approach Sharad Patil 1 Ajay Kumar 2 Research Student, Bharti Vidyapeeth, Pune, India sd_patil057@rediffmail.com Modern College of Engineering,

### Tackling Security and Privacy Issues in Radio Frequency Identification Devices

Tackling Security and Privacy Issues in Radio Frequency Identification Devices Dirk Henrici and Paul Müller University of Kaiserslautern, Department of Computer Science, PO Box 3049 67653 Kaiserslautern,

### 4. Open issues in RFID security

4. Open issues in RFID security Lot of research efforts has been put on RFID security issues during recent years. A survey conducted by CapGemini showed that consumers see RFID more intrusive than several

### Elements of Applied Cryptography Public key encryption

Network Security Elements of Applied Cryptography Public key encryption Public key cryptosystem RSA and the factorization problem RSA in practice Other asymmetric ciphers Asymmetric Encryption Scheme Let

### Gold Lock Desktop White Paper

Gold Lock Desktop White Paper TM EMAIL AND FILE ENCRYPTION SOFTWARE Effective Data Security in the 21st Century Evaluating the needs of appropriate data security and identifying the risks in the modern

### CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

### Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

### CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

### Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can

### Public Key Cryptography. c Eli Biham - March 30, 2011 258 Public Key Cryptography

Public Key Cryptography c Eli Biham - March 30, 2011 258 Public Key Cryptography Key Exchange All the ciphers mentioned previously require keys known a-priori to all the users, before they can encrypt

### 12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

### A New Security Protocol Using Hybrid Cryptography Algorithms

International Journal of Computer Sciences and Engineering Open Access Review Paper Volume-4, Special Issue-2, April 2016 E-ISSN: 2347-2693 A New Security Protocol Using Hybrid Cryptography Algorithms

### SFWR ENG 4C03 - Computer Networks & Computer Security

KEY MANAGEMENT SFWR ENG 4C03 - Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,

### Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions

### CS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay

CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement

### Design and Implementation of Asymmetric Cryptography Using AES Algorithm

Design and Implementation of Asymmetric Cryptography Using AES Algorithm Madhuri B. Shinde Student, Electronics & Telecommunication Department, Matoshri College of Engineering and Research Centre, Nashik,

### Cryptography & Network Security. Introduction. Chester Rebeiro IIT Madras

Cryptography & Network Security Introduction Chester Rebeiro IIT Madras The Connected World 2 Information Storage 3 Increased Security Breaches 81% more in 2015 http://www.pwc.co.uk/assets/pdf/2015-isbs-executive-summary-02.pdf

### IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS

IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS Mythily V.K 1, Jesvin Veancy B 2 1 Student, ME. Embedded System Technologies, Easwari Engineering College, Ramapuram, Anna University,

### RFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region

RFID SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the

### CRYPTOGRAPHY AND NETWORK SECURITY Principles and Practice

CRYPTOGRAPHY AND NETWORK SECURITY Principles and Practice THIRD EDITION William Stallings Prentice Hall Pearson Education International CONTENTS CHAPTER 1 OVERVIEW 1 1.1 1.2 1.3 1.4 1.5 1.6 PART ONE CHAPTER

### BlackBerry Enterprise Solution

BlackBerry Enterprise Solution Security Technical Overview for BlackBerry Enterprise Server Version 4.1 Service Pack 5 and BlackBerry Device Software Version 4.5 2008 Research In Motion Limited. All rights

### Cryptography & Digital Signatures

Cryptography & Digital Signatures CS 594 Special Topics/Kent Law School: Computer and Network Privacy and Security: Ethical, Legal, and Technical Consideration Prof. Sloan s Slides, 2007, 2008 Robert H.

### A Question of Key Length

A Question of Key Length Does Size Really Matter When It Comes To Cryptography? White Paper December 7, 2015 By Alessio Di Mauro A Question of Key Length 2015 Yubico. All rights reserved. Page 1 of 10

### Kleptography: The unbearable lightness of being mistrustful

Kleptography: The unbearable lightness of being mistrustful MOTI YUNG Google Inc. / Columbia University Joint work with Adam Young Background: -The time is the Mid 90 s: Cryptography is the big Equalizer

Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

### Authentication requirement Authentication function MAC Hash function Security of

UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

### Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography

### Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council

Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity

### 802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com

802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key

### SecureCom Mobile s mission is to help people keep their private communication private.

About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended

### Enova X-Wall LX Frequently Asked Questions

Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)

### Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice

### Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

### Bit Chat: A Peer-to-Peer Instant Messenger

Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare shreyas@technitium.com https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one

### CRYPTOGRAPHY AND NETWORK SECURITY

CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE SIXTH EDITION William Stallings International Edition contributions by Mohit P Tahiliani NITK Surathkal PEARSON Boston Columbus Indianapolis New

### Ky Vu DeVry University, Atlanta Georgia College of Arts & Science

Ky Vu DeVry University, Atlanta Georgia College of Arts & Science Table of Contents - Objective - Cryptography: An Overview - Symmetric Key - Asymmetric Key - Transparent Key: A Paradigm Shift - Security

### Various Attacks and their Countermeasure on all Layers of RFID System

Various Attacks and their Countermeasure on all Layers of RFID System Gursewak Singh, Rajveer Kaur, Himanshu Sharma Abstract RFID (radio frequency identification) system is one of the most widely used

### Virtual Private Networks

Outline Virtual Private Networks Cmput 410 Presentations November 25-2004 Introduction Types of VPNs Tunneling Security Encryption Future of VPNs VPN - Definition Introduction a way to provide remote access

### Message Authentication Codes

2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

### A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags Sarah Abughazalah, Konstantinos Markantonakis, and Keith Mayes Smart Card Centre-Information Security Group (SCC-ISG) Royal Holloway,

### White Paper: Multi-Factor Authentication Platform

White Paper: Multi-Factor Authentication Platform Version: 1.4 Updated: 29/10/13 Contents: About zero knowledge proof authentication protocols: 3 About Pairing-Based Cryptography (PBC) 4 Putting it all

### Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

NIST Special Publication 800-131A Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths Elaine Barker and Allen Roginsky Computer Security Division Information

### CSE/EE 461 Lecture 23

CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data