Secure E-Commerce: Understanding the Public Key Cryptography Jigsaw Puzzle


CRYPTOGRAPHY

Viswanathan Kodaganallur, Ph.D.

INFORMATION SYSTEMS SECURITY, JANUARY/FEBRUARY

VISWANATHAN KODAGANALLUR, Ph.D., is an Associate Professor of Computing and Decision Sciences at Seton Hall University's Stillman School of Business. He earned his Ph.D. in operations management from the Indian Institute of Management. Dr. Kodaganallur started his working career in academia. He then switched to the software development industry where he spent a decade before returning to academia in His research interests include information systems security, object-oriented software development, intelligent tutoring systems, and combinatorial optimization.

Today almost all organizations use the Internet extensively for both intra- and inter-organizational communications. The Internet is also the exclusive vehicle for E-commerce transactions involving customers and other business partners. This eliminates the significant infrastructure costs of private data communications networks and enables even small companies to participate in E-commerce. However, extensive use of public media for transferring sensitive data poses serious security challenges. One of the main weapons in overcoming these challenges is public key cryptography.

Although public key cryptography is extensively used today, relatively few people (managerial and technical) understand its essence, preferring to leave that to the specialists. Although the intricate technical details are best left to the specialists, a solid understanding of the broad picture is necessary and well within the reach of everyone. This article sets out to convey just such an understanding.

BASICS OF SECRET COMMUNICATIONS

Perfectly secure communication is impossible in theory. It is always a possibility for any message to fall into the wrong hands. The practical approach is to reduce the likelihood of this happening to acceptably small levels. Nowadays encryption is the main approach to keeping communications secret. A message being communicated (plaintext) is encrypted in such a way that the encrypted message (ciphertext) can be understood only if it is decrypted. Clearly, the message is secret only to the extent that decrypting the ciphertext is difficult.

A message can be encrypted in several ways. A procedure to encrypt a message is called a cipher. A trivial (and not very secure) example of a cipher is one that reverses the characters in a message. The recipient of the message, if aware of how the message has been encrypted, can decrypt it by reversing the characters in the ciphertext to recreate the plaintext. Another example is a substitution cipher, which works by substituting each character of the message with some other character. This can be decrypted via reverse substitution by a recipient who is aware of what substitutions have been made. In this example, the cipher operates in conjunction with a secret key (the substitution scheme). The same cipher used on the same plaintext with a different key will yield different ciphertext.

Single-character substitution ciphers can be easily cracked by cryptanalysts (people who break ciphers) through techniques such as frequency analysis. For example, the most frequently occurring letters in English are e, t, and a. By counting the frequency of each letter in the ciphertext, a cryptanalyst can make a guess about which letters in the ciphertext probably map to these letters. Once these are established, other clues, such as which letters commonly precede and follow these letters, can be used to make further progress.

More powerful ciphers, called block ciphers, encode a block of text at a time rather than just a single character. Under these, a block of text (say, 128 bits) is replaced with a different block of the same, or different, size. The number of possible transformations increases rapidly with the block size, consequently making cryptanalysis more difficult.

Although people can come up with many different methods of encoding, the need for standardization makes it necessary to adopt one or a few methods universally. On the face of it this would seem to defeat the very purpose of encrypted communication. However, with something called key-based ciphers, the ciphertext depends not only on the encryption procedure but also on a secret key used during the encryption process. For example, suppose the plaintext is (perhaps a credit card number). Let us suppose that some specified method X is being used for encryption. With the secret key , the plaintext might get encoded to 6bgs 8ys9 0ehw yhfk ; whereas, using the same method X but a different secret key, the plaintext would be encoded to something completely different. To decrypt messages encrypted using key-based ciphers, one needs to know not only the encoding procedure but also the secret key value. Keeping the key hidden from all except the message recipient makes it very difficult for unauthorized parties to obtain the plaintext from the ciphertext, even if they know what kind of cipher has been used. This process is illustrated in Figure 1.

FIGURE 1 Encryption and Decryption with Key-Based Symmetric Ciphers

An example of a key-based block cipher is DES (Data Encryption Standard), which was adopted as a standard by the U.S. government in 1977 and the financial industry in DES uses a 56-bit key. Today, DES is not considered safe enough primarily because of its small key size. Computing technology has become powerful enough for a cryptanalyst to exhaustively try all possible key combinations on a DES ciphertext within a reasonable amount of time and hence to decode DES ciphertext even without having the secret key.

Prominent among the new approaches are AES (supports key sizes of 128, 192, and 256 bits), Triple DES (overcomes the limited key size by applying DES three times with two or three different keys), Rivest ciphers (RC2, RC4, RC5, and RC6), and others such as IDEA (International Data Encryption Algorithm) and CAST. All the ciphers mentioned above are called symmetric key ciphers because the same secret key is used for encryption and decryption.

Symmetric key ciphers that are almost impossible to break are but one part of secure E-commerce. Other issues must be addressed for secure communications in today's world, where many parties need to communicate over an insecure medium such as the Internet. Any scheme that is used must ideally meet all of the following requirements:

Confidentiality: It should be almost impossible for anyone but the intended recipient to decipher the message. This is the most obvious aspect of secure communications and is well addressed by the symmetric key ciphers already mentioned.

Scalability: The approach should be convenient to use when the number of communicants and messages is large. Secret communication with symmetric keys is not scalable when used in isolation. It runs into various problems when many unacquainted parties need to communicate secretly; as, for example, in E-commerce transactions. The biggest bottleneck with such systems is the distribution and management of the secret keys. Suppose there are n parties communicating with each other and all communications need to be secret; then each party has to keep track of one secret key for each of the n - 1 parties with whom it needs to communicate. An even bigger problem is that of safely distributing the keys in the first place so that the secret keys do not fall into the wrong hands. It should be possible to exchange keys safely over insecure media; after all, it is not practical to expect that all communicating parties will meet in person to exchange keys. Furthermore, to break a cipher, a cryptanalyst needs a lot of ciphertext created using a single key. Thus, to minimize the risk of compromising secrecy, it would be necessary to periodically change the symmetric keys used. This requirement further complicates the task of secure key distribution.

Integrity: It should be possible for the recipient to verify that the message was not tampered with in transit. This is important because an attacker might intercept a message and insert a different one in its place. A contemporary example of this would be when a hacker intercepts a transmission from an E-commerce server to a client and inserts the hacker's own Web page in place of the server's page. An unsuspecting user might then enter sensitive information on the hacker's page and submit it to the hacker.

Authentication: It should be possible for a message recipient to verify the identity of the message originator in order to avoid dealing with an imposter. This is essential because an imposter on the Web could easily pose as a genuine E-commerce vendor and steal sensitive information. Another related issue is that of nonrepudiation; a sender of a message (such as an important legal business document) should not be able to later claim to have never sent it. This goal is achieved once the identity of the sender of a message can be irrevocably established.

I will now discuss the pieces of the public key cryptography jigsaw puzzle that address each of these issues. Table 1 summarizes the issues and the techniques that address each issue. Detailed descriptions of the techniques follow.

TABLE 1 Issues in Public Key Cryptography

Issue            Technique
Confidentiality  Key-based ciphers (symmetric and asymmetric)
Scalability      Asymmetric key ciphers, digital certificates, and Secure Sockets Layer
Integrity        Message digests and digital signatures
Authentication   Digital certificates and certificate authorities

ASYMMETRIC KEY CIPHERS

We have already seen that key distribution and management is a problem with symmetric key ciphers. Whitfield Diffie and Martin Hellman of Stanford University made pathbreaking discoveries that gave birth to modern cryptography. They demonstrated for the first time that it is possible for communicating parties to exchange keys securely over insecure media. They also suggested the concept of asymmetric key ciphers, wherein the keys used for encryption and decryption are different. Although they suggested the concept of asymmetric key ciphers, they were unable to develop a concrete realization of the concept: an actual cipher that would work as they suggested. That was later done by the MIT team of Ron Rivest, Adi Shamir, and Leonard Adleman, who created RSA, the first asymmetric key cipher. Another well-known asymmetric key cipher is the ElGamal cipher.

The two keys of an asymmetric cipher form a key pair, with one of them being the private key and the other the public key. A key pair has the following properties:

A message encrypted with a public key can be decoded only with the matching private key. In the case of reversible asymmetric key ciphers, the converse also works: a message encrypted with a private key can be decrypted only with the matching public key.

Given a public key, it is almost impossible to figure out the matching private key. By almost impossible, we mean that, although it is theoretically possible to figure out the private key given only the public key, in practice it would take several years of computing.

As the names imply, a private key is kept completely private (no one but the owner knows this key), but the public key can be widely distributed because it does not matter who gets hold of it. Communication using asymmetric key ciphers is called public key cryptography.
For a concrete illustration of how secure communication would work under this system, suppose person A wants to send a secret message to person B, and A and B already have each other's public keys (they could have exchanged them via , for example). Further, suppose that a hacker (H) is eager to listen in on this communication. A would first encrypt her message using B's public key and send the ciphertext to B. On receiving the message, B can decrypt it using his private key. Even if H sees the ciphertext, not possessing B's private key, H can do nothing useful with the data. This process is illustrated in Figure 2. B can now reply to A by encrypting the message with A's public key, and the conversation can proceed securely even though H can potentially intercept each and every byte of the transmissions.

Although this seems to be a foolproof arrangement, this alone does not prevent H from being malicious. H might be able to intercept a message from A to B and replace it with his own message properly encrypted with B's public key (recall that B makes no effort to hide his public key). On receiving this message, B has no way of knowing that the integrity of the message has been compromised and that the message has really been sent by an imposter acting as A. Although confidentiality has not been compromised, there has been a security breach. How can B be sure of the authenticity of the sender of the message just by looking at the message?

FIGURE 2 Secret Communication with Public Keys and Ciphers

FIGURE 3 Double Encryption Scheme with Public Key Cryptography

There is a way by which confidentiality, integrity, and authentication can all be achieved with asymmetric ciphers. Let us assume as before that A and B have exchanged public keys. Now, when A wants to send a message to B, A first encrypts the message using B's public key and then encrypts the resulting ciphertext once again using her own private key and sends the resultant doubly encrypted message to B. B first uses A's public key and, on the result, uses his own private key to get back the original message. Figure 3 illustrates this process.

This approach provides confidentiality. H can decrypt using A's public key and undo the effect of A's private key; but the result is still ciphertext created with B's public key that requires B's private key to decrypt. Not possessing B's private key, H can go no further.

This approach preserves integrity. The second step in the decryption process by B is to use A's public key. This can work only on a message encrypted with A's private key. Not having A's private key, H cannot insert anything that will decrypt properly with A's public key.

This approach provides authentication. When B uses A's public key followed by his own private key and gets anything meaningful, it is clear that the message was actually sent by A. No one other than A could have sent anything that could be decrypted meaningfully with A's public key.

Although this seems to be a complete solution, it leaves open two problems:

Encryption and decryption with asymmetric key ciphers are extremely computing intensive. The operations are slower by a factor of 100 when compared with symmetric key ciphers. Thus, the above scenario is actually impractical from a computing-time perspective. Asymmetric key ciphers are therefore seldom used for entire communications unless the amount of data being encrypted is very small. We will see later in the article that they are generally used only to exchange public keys spontaneously when needed, and to use these keys to agree on a symmetric session key. The session key is then used for the rest of the session with a symmetric key cipher.

Communicating parties would need to manage large numbers of public keys, and if two unacquainted parties needed to communicate they would have to go through the ritual of public key exchange first; but how do they trust each other in the first place? Digital certificates and certificate authorities, discussed later, address this issue.

Although the method of double encryption of the message does solve the integrity problem, we have seen that it is not practical. A practical approach is based on digital signatures.

DIGITAL SIGNATURES

To explain how digital signatures work, I first need to introduce the concept of message digests. A message digest is a simple number that can be quickly calculated from an input message. A good message digest has the property that if even a single bit of the input message is changed, the digest calculated will have a different value. Further, it is almost impossible to intentionally construct two messages that have the same digest value.
For the moment, assume that we are concerned only about integrity and that there is no requirement for confidentiality. (I will bring confidentiality back into the equation later.) In such a case, when A sends a message to B, A can send the message along with its calculated digest value. On receiving the message, B re-computes the digest value and compares it to the value sent by A. If the two match, B can be confident that the message was not changed in any way in transit; if the message was modified, the two message digest values would not match.

It is easy to see that message digests alone are insufficient to thwart a hacker. After all, the hacker can interpose and replace the message with a new one and also replace the digest with the digest corresponding to the new message. Thus, the recipient will find that the digests match even though the message has lost its integrity.

Digital signatures use the concept of message digests with an added twist based on asymmetric keys to completely thwart hackers from surreptitiously modifying a message in transit. Once again we assume that our only concern is integrity. Using digital signatures, when A sends a message to B, A first calculates the message digest. A then encrypts the message digest with her private key. The result is the digital signature of the message. A now sends the original message along with its digital signature to B. Because the message digest is only a simple number, using asymmetric key ciphers on it is not computationally intensive. On receiving the message, B first uses A's public key to decrypt the digital signature. This provides B with the message digest value. B can then independently generate the message digest from the message and compare the two. If they match, then B is confident that no one has tampered with the message. This process is illustrated in Figure 4.

FIGURE 4 Creating and Verifying Digital Signatures (If the two digests match then B knows that the message is genuine)

Under this scenario, it is impossible for the hacker (H) to undetectably replace the transmission with a new message and a matching digital signature because H does not have A's private key. Suppose H does replace the message with a new message and replaces the digital signature with one generated using his own private key and then sends the message and the signature to B. B, assuming that the message is coming from A, will use A's public key on the digital signature. This will fail to produce the actual message digest that H calculated because H did not use A's private key. B will thus know that someone has tampered with the message.

Digital signatures do not address the confidentiality issue at all. They do solve the integrity problem completely. To a limited extent, they also solve the problem of authentication, if the message recipient has the public key of the sender.

In real terms it is impractical to expect that any two communicants will have each other's public keys readily available at all times. We need a scalable way of exchanging public keys spontaneously with a guarantee of the identities of the parties involved. This is where digital certificates and certificate authorities come into the picture.

DIGITAL CERTIFICATES

As before, let us assume that A and B have already exchanged public keys and trust each other. Suppose C now wants to have a secure communication with A, but A and C are not mutually acquainted. Unless A knows or trusts C, A will refuse to have a secure conversation with C. Suppose B knows and trusts C.
Now, because A trusts B and B trusts C, there is a chain of trust potentially enabling A to trust C. How is this chain of trust established electronically? Because B trusts C, B can issue a digital certificate to C. A digital certificate consists of identifying information about an entity along with the signed public key of that entity. It essentially states that the issuer of the certificate believes that the public key in the certificate belongs to the person whose identifying information appears in the certificate. To issue a digital certificate to C, B creates a structure that contains identifying information about C (e.g., the name and other important public information) and attaches C's public key encrypted with the private key of B. Because B is the only entity that can use B's private key, the certificate essentially represents that B vouches for C's identity, and anyone having B's public key can verify the fact. This process is illustrated in Figure 5.

FIGURE 5 B Creating a Digital Certificate for C

The above arrangement works fine when there is an intermediary such as B who can establish a chain of trust between the communicating parties. In most business situations, especially in Web-based business-to-consumer E-commerce, this requirement would be cumbersome. This issue is addressed by certificate authorities.

CERTIFICATE AUTHORITIES

Certificate authorities (CAs) are organizations specifically created to issue digital certificates after properly verifying the identities of entities requesting them. Many CAs exist; some well-known ones are Verisign, Certisign, and Thawte. CAs are assumed to be trusted parties and hence the certificates issued by them serve to verify the identities of the parties presenting them. For example, in a Web-based E-commerce transaction, a buyer would want to ensure that she is really dealing with a genuine Web site and not that of an imposter before entering sensitive information such as a credit card number. The vendor can establish identity by presenting a digital certificate issued by a CA.

The public keys of CAs are widely distributed. All Web browsers typically come pre-installed with these public keys. Suppose two parties A and C are unacquainted and one of them, say C, wishes to initiate a secure conversation with the other. C first gets a digital certificate from a CA and presents it to A. A already has the public key of well-known CAs and hence can use the appropriate one to extract C's public key from the certificate. Similarly, A can present her certificate to C, from which C can get A's public key.
The above mechanism can be employed to spontaneously exchange public keys with complete confidence about the identities of the communicating parties. However, as already mentioned, using public key encryption is computing intensive and impractical for complete conversations. This final hurdle is addressed by Secure Sockets Layer.

SECURE SOCKETS LAYER

Secure Sockets Layer (SSL) was created by Netscape Corporation to address the difficulty of using public key encryption for complete conversations. It provides a way to use a symmetric key cipher (much more efficient than asymmetric key ciphers) in a secure manner. It is specifically designed for Web-based E-commerce wherein a browser and server need to engage in a secure conversation. The following steps occur in an SSL-based exchange:

The server presents a digital certificate issued by a CA.
The browser verifies the certificate and extracts the server's public key.
The browser then generates a symmetric key (called session key).
The browser encrypts the session key with the server's public key and sends it to the server.
The server extracts the session key.
The browser and server conduct a secret conversation using the shared session key, but they can use a symmetric key cipher for much greater efficiency.
Server and browser discard the session key at the end of the conversation.

In the above scenario, only the server is authenticated by means of a digital certificate; this is all that is typically needed for business-to-consumer E-commerce. A version of SSL includes client authentication as well, which can be used when both parties need to be authenticated. When we see https:// in our browser's address line, it indicates that SSL, and therefore the full weight of public key cryptography, is in use.

CONCLUSIONS

This article has introduced the essential aspects of public key cryptography. We looked at the shortcomings of symmetric key ciphers used in isolation and showed how public key cryptography based on asymmetric key ciphers overcomes the problems by enabling confidentiality, message integrity, and authentication. Finally, we looked at the essentials of SSL, which combines the power of public key cryptography with the speed of symmetric key ciphers to provide security and efficiency.
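The chain described under DIGITAL SIGNATURES, DIGITAL CERTIFICATES and SECURE SOCKETS LAYER, worked through as an added example that is not part of the original article. It assumes textbook RSA without padding, keys constructed from Mersenne primes, a SHA-256 keystream standing in for the symmetric cipher, and the hypothetical names "Example CA" and "shop.example", so it shows the logic only and is not usable as real cryptography.

```python
"""Toy model of digest -> signature -> certificate -> session key. NOT secure."""
import hashlib
import secrets

E = 65537  # RSA public exponent


def toy_keypair(a, b):
    """Textbook RSA pair from the Mersenne primes 2**a-1 and 2**b-1 (demo only)."""
    p, q = (1 << a) - 1, (1 << b) - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)


# Constructed keys and hypothetical names; such moduli are trivially factorable.
CA_PUB, CA_PRIV = toy_keypair(127, 521)
SERVER_PUB, SERVER_PRIV = toy_keypair(607, 1279)
ATTACKER_PUB, ATTACKER_PRIV = toy_keypair(89, 2203)
TRUSTED_CAS = {"Example CA": CA_PUB}  # CA keys pre-installed in the browser


def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data, private_key):
    """Digest transformed with the private key; unpadded (real schemes: e.g. RSA-PSS)."""
    n, d = private_key
    return pow(digest(data), d, n)


def verify(data, signature, public_key):
    """Recover the signed digest with the public key and compare with our own."""
    n, e = public_key
    return pow(signature, e, n) == digest(data)


def cert_body(cert):
    """Bytes the issuer signs: subject identity, subject public key, issuer."""
    n, e = cert["public_key"]
    return f'{cert["subject"]}|{n:x}|{e:x}|{cert["issuer"]}'.encode()


def issue_certificate(subject, public_key, issuer, issuer_private_key):
    cert = {"subject": subject, "public_key": public_key, "issuer": issuer}
    cert["signature"] = sign(cert_body(cert), issuer_private_key)
    return cert


def check_certificate(cert, expected_subject):
    """Browser side: the subject's key if a trusted CA signed this binding, else None."""
    ca_public_key = TRUSTED_CAS.get(cert["issuer"])
    if ca_public_key is None or cert["subject"] != expected_subject:
        return None
    if not verify(cert_body(cert), cert["signature"], ca_public_key):
        return None
    return cert["public_key"]


def stream_xor(key, data):
    """Stand-in symmetric cipher (SHA-256 keystream); one message per key only."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[offset:offset + 32], pad))
    return bytes(out)


def ssl_exchange(presented_cert, server_private_key, message, host="shop.example"):
    """The article's steps; returns what the server decrypts, or None when the
    browser rejects the certificate and so never sends a session key."""
    server_public_key = check_certificate(presented_cert, host)
    if server_public_key is None:
        return None
    session_key = secrets.token_bytes(32)                    # browser generates
    n, e = server_public_key
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)  # sent to server
    ciphertext = stream_xor(session_key, message)            # sent to server
    n, d = server_private_key
    recovered = pow(wrapped, d, n).to_bytes(32, "big")       # server unwraps
    return stream_xor(recovered, ciphertext)


def demo():
    order = b"order: 2 widgets (constructed sample message)"
    genuine = issue_certificate("shop.example", SERVER_PUB, "Example CA", CA_PRIV)
    # Self-signed by the attacker while claiming the CA's name as issuer.
    forged = issue_certificate("shop.example", ATTACKER_PUB, "Example CA", ATTACKER_PRIV)
    # Genuine certificate with the public key swapped and the signature kept.
    swapped = dict(genuine, public_key=ATTACKER_PUB)
    return {name: ssl_exchange(cert, key, order) for name, cert, key in (
        ("genuine", genuine, SERVER_PRIV),
        ("forged", forged, ATTACKER_PRIV),
        ("swapped", swapped, ATTACKER_PRIV))}


if __name__ == "__main__":
    print(demo())
```

Only the genuine certificate yields a decrypted order; the forged and key-swapped certificates fail the CA signature check, so the browser stops before any session key is sent.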


More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Data Encryption WHITE PAPER ON. Prepared by Mohammed Samiuddin. www.itmr.ac.in

Data Encryption WHITE PAPER ON. Prepared by Mohammed Samiuddin. www.itmr.ac.in 01 0110 0001 01101 WHITE PAPER ON Data Encryption Prepared by Mohammed Samiuddin www.itmr.ac.in Contents INTRODUCTION... 2 NEED FOR DATA ENCRYPTION... 3 DUE CARE... 3 REPUTATIONAL RISK... 3 REGULATORY

More information

What is network security?

What is network security? Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application

More information

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice

More information

Chapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory

Chapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory There are actually two distinct aspects to the use of public-key encryption in this regard: The distribution of public keys. The use of public-key encryption to distribute secret keys. 9.1 Distribution

More information

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

More information

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn Web Payment Security A discussion of methods providing secure communication on the Internet Group Members: Peter Heighton Zhao Huang Shahid Kahn 1. Introduction Within this report the methods taken to

More information

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g. Cryptography: Motivation Many areas have sensitive information, e.g. Data Structures and Algorithms Cryptography Goodrich & Tamassia Sections 3.1.3 & 3.1.4 Introduction Simple Methods Asymmetric methods:

More information

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Understanding Digital Certificates and Secure Sockets Layer (SSL) Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?

More information

Network Security. HIT Shimrit Tzur-David

Network Security. HIT Shimrit Tzur-David Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

More information

Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice Cryptography some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) modern secret key cryptography DES, AES public key cryptography RSA, digital signatures cryptography in practice

More information

Symmetric Key cryptosystem

Symmetric Key cryptosystem SFWR C03: Computer Networks and Computer Security Mar 8-11 200 Lecturer: Kartik Krishnan Lectures 22-2 Symmetric Key cryptosystem Symmetric encryption, also referred to as conventional encryption or single

More information

Building Customer Confidence through SSL Certificates and SuperCerts

Building Customer Confidence through SSL Certificates and SuperCerts Building Customer Confidence through SSL Certificates and SuperCerts Contents 1. Overview 2. Why SSL? 3. Who needs an SSL certificate? 4. How to tell if a website is secure 5. Browser warnings 6. What

More information

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1 Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can

More information

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies 1720 - Forward Secrecy: How to Secure SSL from Attacks by Government Agencies Dave Corbett Technical Product Manager Implementing Forward Secrecy 1 Agenda Part 1: Introduction Why is Forward Secrecy important?

More information

7! Cryptographic Techniques! A Brief Introduction

7! Cryptographic Techniques! A Brief Introduction 7! Cryptographic Techniques! A Brief Introduction 7.1! Introduction to Cryptography! 7.2! Symmetric Encryption! 7.3! Asymmetric (Public-Key) Encryption! 7.4! Digital Signatures! 7.5! Public Key Infrastructures

More information

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

PUBLIC KEY ENCRYPTION

PUBLIC KEY ENCRYPTION PUBLIC KEY ENCRYPTION http://www.tutorialspoint.com/cryptography/public_key_encryption.htm Copyright tutorialspoint.com Public Key Cryptography Unlike symmetric key cryptography, we do not find historical

More information

As enterprises conduct more and more

As enterprises conduct more and more Efficiently handling SSL transactions is one cornerstone of your IT security infrastructure. Do you know how the protocol actually works? Wesley Chou Inside SSL: The Secure Sockets Layer Protocol Inside

More information

Introduction to Cryptography

Introduction to Cryptography Introduction to Cryptography Part 3: real world applications Jean-Sébastien Coron January 2007 Public-key encryption BOB ALICE Insecure M E C C D channel M Alice s public-key Alice s private-key Authentication

More information

Software Engineering 4C03 Research Project. An Overview of Secure Transmission on the World Wide Web. Sean MacDonald 0043306

Software Engineering 4C03 Research Project. An Overview of Secure Transmission on the World Wide Web. Sean MacDonald 0043306 Software Engineering 4C03 Research Project An Overview of Secure Transmission on the World Wide Web Sean MacDonald 0043306 Tuesday April 5, 2005 Introduction Software Engineering 4C03 Research Project

More information

Information Security

Information Security Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked

More information

Introduction to Cryptography. By Marcus K. G. Adomey Chief Operations Manager AfricaCERT

Introduction to Cryptography. By Marcus K. G. Adomey Chief Operations Manager AfricaCERT Introduction to Cryptography By Marcus K. G. Adomey Chief Operations Manager AfricaCERT Email: marcus.adomey@africacert.org OVERVIEW Cryptography Definition Terminology History Goal and Services Types

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?

More information

Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

More information

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

More information

CRYPTOGRAPHIC ALGORITHMS (AES, RSA)

CRYPTOGRAPHIC ALGORITHMS (AES, RSA) CALIFORNIA STATE POLYTECHNIC UNIVERSITY, POMONA CRYPTOGRAPHIC ALGORITHMS (AES, RSA) A PAPER SUBMITTED TO PROFESSOR GILBERT S. YOUNG IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOR THE COURSE CS530 : ADVANCED

More information

SE 4C03 Winter 2005 VPN Technology: A Method to Secure Transmissions over the World Wide Web

SE 4C03 Winter 2005 VPN Technology: A Method to Secure Transmissions over the World Wide Web SE 4C03 Winter 2005 VPN Technology: A Method to Secure Transmissions over the World Wide Web Researcher: Yasemin Hassan Student Number: 0048576 Revised: April 5, 2005 SE 4C03 Winter 2005 VPN Technology:

More information

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0 APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption Symmetric-Key Algorithm Block and Stream Cipher Asymmetric Key Algorithm

More information

Lecture G1 Privacy, Security, and Cryptography. Computing and Art : Nature, Power, and Limits CC 3.12: Fall 2007

Lecture G1 Privacy, Security, and Cryptography. Computing and Art : Nature, Power, and Limits CC 3.12: Fall 2007 Lecture G1 Privacy, Security, and Cryptography Computing and Art : Nature, Power, and Limits CC 3.12: Fall 2007 Functionalia Instructor Chipp Jansen, chipp@sci.brooklyn.cuny.edu Course Web Page http://www.sci.brooklyn.cuny.edu/~chipp/cc3.12/

More information

An Introduction to Cryptography as Applied to the Smart Grid

An Introduction to Cryptography as Applied to the Smart Grid An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric

More information

PrivyLink Internet Application Security Environment *

PrivyLink Internet Application Security Environment * WHITE PAPER PrivyLink Internet Application Security Environment * The End-to-end Security Solution for Internet Applications September 2003 The potential business advantages of the Internet are immense.

More information

Email: The Electronic Postcard. By Daniel Herren

Email: The Electronic Postcard. By Daniel Herren Email: The Electronic Postcard By Daniel Herren 1 Table of Contents 1.0 Introduction.page 3 2.0 Internet Overview...page 3,4 3.0 Email vulnerabilities...page 5-7 3.1 Privacy..page 5 3.2 Authentication.page

More information

SSL. Secure Sockets Layer. - a short summary - By Christoph Gutmann and Khôi Tran

SSL. Secure Sockets Layer. - a short summary - By Christoph Gutmann and Khôi Tran SSL Secure Sockets Layer - a short summary - By Christoph Gutmann and Khôi Tran Page 1 / 7 Table of contents 1. Brief historic outline of SSL 2. Why did SSL come to life? 3. How does SSL work? 4. Where

More information

Understanding SSL Certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES

Understanding SSL Certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES Understanding SSL Certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES Understanding SSL Certificates 2 Secure Socket Layer (SSL) certificates are widely used to help secure and authenticate

More information

understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES

understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES understanding SSL certificates THAWTE IS A LEADING GLOBAL PROVIDER OF SSL CERTIFICATES contents UNDERSTANDING SSL CERTIFICATES...1 What Is SSL and What Are SSL Certificates?...1 Features of SSL...1 Encryption...1

More information

INTRODUCTION TO CRYPTOGRAPHY

INTRODUCTION TO CRYPTOGRAPHY INTRODUCTION TO CRYPTOGRAPHY AUTHOR: ANAS TAWILEH anas@tawileh.net Available online at: http://www.tawileh.net/courses/ia This work is released under a Creative Commons Attribution-ShareAlike 2.5 License

More information

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES

AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES HYBRID RSA-AES ENCRYPTION FOR WEB SERVICES AN IMPLEMENTATION OF HYBRID ENCRYPTION-DECRYPTION (RSA WITH AES AND SHA256) FOR USE IN DATA EXCHANGE BETWEEN CLIENT APPLICATIONS AND WEB SERVICES Kalyani Ganesh

More information

SECURITY IN NETWORKS

SECURITY IN NETWORKS SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

More information

ΕΠΛ 674: Εργαστήριο 3

ΕΠΛ 674: Εργαστήριο 3 ΕΠΛ 674: Εργαστήριο 3 Ο αλγόριθμος ασύμμετρης κρυπτογράφησης RSA Παύλος Αντωνίου Department of Computer Science Private-Key Cryptography traditional private/secret/single key cryptography uses one key

More information

What is an SSL Certificate?

What is an SSL Certificate? Security is of the utmost importance when doing business on the Web. Your customers want to know that their information is protected when crossing data lines. A Thawte SSL Web Server Certificate or SuperCert

More information

SSL A discussion of the Secure Socket Layer

SSL A discussion of the Secure Socket Layer www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record

More information

symmetric key distribution requirements for public key algorithms asymmetric (or public) key algorithms

symmetric key distribution requirements for public key algorithms asymmetric (or public) key algorithms topics: cis3.2 electronic commerce 6 dec 2005 lecture # 18 internet security, part 2 symmetric (single key) and asymmetric (public key) methods different cryptographic systems electronic payment mechanisms

More information

An Introduction to digital signatures

An Introduction to digital signatures An Introduction to digital signatures This document is an extract from the book Ecommerce - Legal Issues authored by Rohas Nagpal. This book is available as courseware for the Diploma in Cyber Law and

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Network Security 孫 宏 民 hmsun@cs.nthu.edu.tw Phone: 03-5742968 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室 Security Attacks Normal flow: sender receiver Interruption: Information source Information destination

More information

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Using etoken for SSL Web Authentication. SSL V3.0 Overview Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

Using ASP-Based Message Encryption Project To Teach Information Security Concepts

Using ASP-Based Message Encryption Project To Teach Information Security Concepts Using ASP-Based Message Encryption Project To Teach Information Security Concepts Qidong Cao College of Business Administration, Winthrop University Rock Hill, SC 29733, USA caoq@winthrop.edu John S. Davis

More information

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 UNCLASSIFIED Example http ://www. greatstuf f. com Wants credit card number ^ Look at lock on browser Use https

More information

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography

More information

Cornerstones of Security

Cornerstones of Security Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to

More information

Introduction to Symmetric and Asymmetric Cryptography

Introduction to Symmetric and Asymmetric Cryptography Introduction to Symmetric and Asymmetric Cryptography Ali E. Abdallah Birmingham CityUniversity Email: Ali.Abdallah@bcu.ac.uk Lectures are part of the project: ConSoLiDatE Multi-disciplinary Cooperation

More information

Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9 Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,

More information

Chapter 10. Cloud Security Mechanisms

Chapter 10. Cloud Security Mechanisms Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based

More information

Lecture 9: Application of Cryptography

Lecture 9: Application of Cryptography Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

More information

mod_ssl Cryptographic Techniques

mod_ssl Cryptographic Techniques mod_ssl Overview Reference The nice thing about standards is that there are so many to choose from. And if you really don t like all the standards you just have to wait another year until the one arises

More information

7 Key Management and PKIs

7 Key Management and PKIs CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 7 Key Management and PKIs 7.1 Key Management Key Management For any use of cryptography, keys must be handled correctly. Symmetric keys must be kept secret.

More information

Understanding and Integrating KODAK Picture Authentication Cameras

Understanding and Integrating KODAK Picture Authentication Cameras Understanding and Integrating KODAK Picture Authentication Cameras Introduction Anyone familiar with imaging software such as ADOBE PHOTOSHOP can appreciate how easy it is manipulate digital still images.

More information

Introduction to Network Security Key Management and Distribution

Introduction to Network Security Key Management and Distribution Introduction to Network Security Key Management and Distribution Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology cetinkayae@mst.edu http://web.mst.edu/~cetinkayae/teaching/cpe5420fall2015

More information

SSL/TLS: The Ugly Truth

SSL/TLS: The Ugly Truth SSL/TLS: The Ugly Truth Examining the flaws in SSL/TLS protocols, and the use of certificate authorities. Adrian Hayter CNS Hut 3 Team adrian.hayter@cnsuk.co.uk Contents Introduction to SSL/TLS Cryptography

More information

Three attacks in SSL protocol and their solutions

Three attacks in SSL protocol and their solutions Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer

More information

The Case For Secure Email

The Case For Secure Email The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email

More information

Authentication Application

Authentication Application Authentication Application KERBEROS In an open distributed environment servers to be able to restrict access to authorized users to be able to authenticate requests for service a workstation cannot be

More information

White Paper. Enhancing Website Security with Algorithm Agility

White Paper. Enhancing Website Security with Algorithm Agility ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today

More information

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

9/17/2015. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers Cryptography Basics IT443 Network Security Administration Instructor: Bo Sheng Outline Basic concepts in cryptography system Secret cryptography Public cryptography Hash functions 1 2 Encryption/Decryption

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing

More information

ACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES. Daniela Bojan and Sidonia Vultur

ACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES. Daniela Bojan and Sidonia Vultur ACTA UNIVERSITATIS APULENSIS No 13/2007 MATHEMATICAL FOUNDATION OF DIGITAL SIGNATURES Daniela Bojan and Sidonia Vultur Abstract.The new services available on the Internet have born the necessity of a permanent

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

Research Article. Research of network payment system based on multi-factor authentication

Research Article. Research of network payment system based on multi-factor authentication Available online www.jocpr.com Journal of Chemical and Pharmaceutical Research, 2014, 6(7):437-441 Research Article ISSN : 0975-7384 CODEN(USA) : JCPRC5 Research of network payment system based on multi-factor

More information

BEGINNERS GUIDE BEGINNERS GUIDE TO SSL CERTIFICATES: MAKING THE BEST CHOICE WHEN CONSIDERING YOUR ONLINE SECURITY OPTIONS

BEGINNERS GUIDE BEGINNERS GUIDE TO SSL CERTIFICATES: MAKING THE BEST CHOICE WHEN CONSIDERING YOUR ONLINE SECURITY OPTIONS BEGINNERS GUIDE TO SSL CERTIFICATES: MAKING THE BEST CHOICE WHEN CONSIDERING YOUR ONLINE SECURITY OPTIONS BEGINNERS GUIDE TO SSL CERTIFICATES INTRODUCTION Whether you are an individual or a company, you

More information

CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS

CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS 70 CHAPTER 4 DEPLOYMENT OF ESGC-PKC IN NON-COMMERCIAL E-COMMERCE APPLICATIONS 4.1 INTRODUCTION In this research work, a new enhanced SGC-PKC has been proposed for improving the electronic commerce and

More information

Symmetric and asymmetric cryptography overview

Symmetric and asymmetric cryptography overview Symmetric and asymmetric cryptography overview Modern cryptographic methods use a key to control encryption and decryption Two classes of key-based encryption algorithms symmetric (secret-key) asymmetric

More information