PKCS. PKCS: Public Key Cryptography Standards. Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun
|
|
- Ami Walsh
- 8 years ago
- Views:
Transcription
1 : Public Key Cryptography Standards Devised and published by RSA Security Launched in 1991 as implementation agreements among early adopters of public-key cryptography Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun Revised 1993, Cryptoki ( #11) released 1995 Workshops, ongoing updates, new documents since Standards #1 : RSA Cryptography Standard #3 : Diffie-Hellman Key-Agreement #5 : Password-Based Cryptography #7 : Cryptographic Message Syntax Standard Sign/encrypt messages under a PKI #8 : Private-Key Information Syntax #9 : Selected Attribute Types selected attribute types for use in #7, #8, #10 #10: Certification Request Syntax Format of messages sent to a certification authority to request certification of a public key #11: Cryptographic Token Interface (Cryptoki) #12: Personal Information Exchange Syntax #13: Elliptic Curve Cryptography Standard #14: Pseudo-random Number Generation #15: Cryptographic Token Information Format Standard Obsolete: #2, #4, #6 2
2 #1: RSA Cryptography RSA encryption, signature schemes v1.5 (1993) has basic RSA schemes, specified in SSL, S/MIME, PKIX v2.0 (1998) adds Bellare-RogawayOAEP encryption v2.1 (2002) adds B-R PSS (Probabilistic Signature Scheme) #7: Cryptographic Message Syntax Signed, encrypted message syntax enhancement to Privacy-Enhanced Mail v1.5 (1993) has RSA-oriented key management, basis for S/MIME, some PKIX protocols IETF RFC 2630 (CMS) adds DH-oriented key management v1.6 (2009) supports SET (Secure Electronic Transaction) protocol 3 : Cryptographic Token Interface (a.k.a. Cryptoki) Programming interface for smart cards, other devices v1.0 (1995) has basic methods v2.01 (1997) adds cryptographic mechanisms, improves management v2.11 (2001) clarifies interfaces, adds more mechanisms - Main Goals: The primary goal of Cryptoki: a lower-level programming interface that abstracts the details of the devices; and presents to the application a common model of the cryptographic device, called a cryptographic token. A secondary goal: resource-sharing» as desktop multi-tasking operating systems become more popular, a single device should be shared between more than one application. In addition, an application should be able to interface to more than one device at a given time. 4
3 11 and several key concepts Slot place where the smart card is inserted Token thing, which is inserted into the Slot. Commonly the Smart Cards Object keys, certificates, data, sessions, etc. Session before any operation we need to establish a session to the token Object Data Key Certificate Public Key Private Key Secret Key 5 - Functions SmarCard Management:» C_GetSlotList» C_GetSlotInfo» C_GetTokenInfo» C_GetMechanismList» C_GetMechanismInfo» C_InitToken» C_InitPIN» C_SetPIN Digital Signature:» C_SignInit» C_Sign» C_SignUpdate» C_SignFinal» C_VerifyInit» C_Verify» C_VerifyUpdate» C_VerifyFinal Session Managment:» C_OpenSession» C_CloseSession» C_CloseAllSession» C_GetSessionInfo» C_Login» C_Logout Key Management:» C_GenerateKey» C_GenerateKeyPair» C_WrapKey» C_UnwrapKey Message Hashing:» C_DigestInit» C_Digest» C_DigestUpdate» C_DigestFinal 6
4 example Management of SmartCard - Generation of a public/private key pair: the C_GenerateKeyPair function performs the following operations: 1. Inserts the file EF_Index identification of key CK_RV items CK_ENTRY obtained from C_GenerateKeyPair( templates; CK_SESSION_HANDLE hsession, 2. Compiles the files EF_Kpub_Attribute and EF_Kpri_Attribute CK_MECHANISM_PTR pmechanism, with information obtained from templates; CK_ATTRIBUTE_PTR ppublickeytemplate, 3. Constructs the CK_ULONG file via the ulpublickeyattributecount, APDU command: EF_Kpub: CK_ATTRIBUTE_PTR CREATE FILE; pprivatekeytemplate, 4. Constructs the CK_ULONG object BSOKPRI-SIGN ulprivatekeyattributecount, through the APDU command: CK_OBJECT_HANDLE_PTR phpublickey, APDU: PUT DATA OCI CK_OBJECT_HANDLE_PTR phprivatekey ); 5. Generates the key pair using the APDU command: APDU: GENERATE KEY PAIR. forcing algorithm and conditions of access consistent with the template of the private key; 7 example The C_GenerateKeyPair (pre-requisite? C_Login) Input Parameters: CK_SESSION_HANDLE hsession:» session handle obtained by the functions C_OpenSession and C_GetSessionInfo; CK_MECHANISM_PTR pmechanism:» pointer to the cryptographic mechanisms supported by the library; CK_ATTRIBUTE_PTR ppublickeytemplate:» pointer to the template of the public key; CK_ULONG ulpublickeyattributecount:» number of attributes of the template; CK_ATTRIBUTE_PTR pprivatekeytemplate:» pointer to the template of the private key; CK_ULONG ulprivatekeyattributecount:» number of attributes of the template; CK_OBJECT_HANDLE_PTR phpublickey:» pointer to where the library will return the object handle public key; CK_OBJECT_HANDLE_PTR phprivatekey:» pointer to where the library will return the object handle private key. 8
5 #15 #15: Cryptographic Token Information Format File format for cryptographic data on smart cards, other devices v1.0 (1998) newly released, candidate for WAP Forum, country e-id cards v1.1 (2004), adds software format Common formats for cryptographic objects File formats in case of smart cards Coordination with several groups:» WAP Forum» DC/SC Forum» SEIS (Sweden) 9 #15 - File System EF_Index: Elementary Linear File type TLV that contains identifiers # 11 (CKA_ID) objects public key, private key, certificates, and data objects in the Digital Signature directory. This file is used by the object management functions for the "navigation" of the Smart Card file system. 10
6 Abstraction: APPLICATION COM Ser.Provider C - API Crypto Service Provider OS manufacture Resource Manager IFD Driver IFD Smart Card SC reader 11 Abstraction in Windows - Cryptographic Service Provider (CSP): 12
PKCS. PKCS: Public Key Cryptography Standards
: Public Key Cryptography Standards Devised and published by RSA Security Launched in 1991 as implementation agreements among early adopters of public-key cryptography Apple, Digital, Lotus, Microsoft,
More informationJCCM : Flexible Certificates for smartcards with Java Card
JCCM : Flexible Certificates for smartcards with Java Card M ā Celeste Campo, Andrés Marín, Arturo García, Ignacio Díaz, Peter T. Breuer, Carlos Delgado, Carlos García Universidad Carlos III de Madrid
More informationPKCS #11: Cryptographic Token Interface Standard
PKCS #11: Cryptographic Token Interface Standard An RSA Laboratories Technical Note Version 20 DRAFT 2 July 1, 1997April 15, 1997 RSA Laboratories 100 Marine Parkway, Suite 500 Redwood City, CA 94065 USA
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationPrivateServer HSM Integration with Microsoft IIS
PrivateServer HSM Integration with Microsoft IIS January 2014 Document Version 1.1 Notice The information provided in this document is the sole property of Algorithmic Research Ltd. No part of this document
More informationCALIFORNIA SOFTWARE LABS
; Digital Signatures and PKCS#11 Smart Cards Concepts, Issues and some Programming Details CALIFORNIA SOFTWARE LABS R E A L I Z E Y O U R I D E A S California Software Labs 6800 Koll Center Parkway, Suite
More informationOFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES
OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES Table of contents 1.0 SOFTWARE 1 2.0 HARDWARE 2 3.0 TECHNICAL COMPONENTS 2 3.1 KEY MANAGEMENT
More informationPublic-Key Infrastructure
Public-Key Infrastructure Technology and Concepts Abstract This paper is intended to help explain general PKI technology and concepts. For the sake of orientation, it also touches on policies and standards
More informationKey & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
More informationNational Security Agency Perspective on Key Management
National Security Agency Perspective on Key Management IEEE Key Management Summit 5 May 2010 Petrina Gillman Information Assurance (IA) Infrastructure Development & Operations Technical Director National
More informationA Noval Approach for S/MIME
Volume 1, Issue 7, December 2013 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com A Noval Approach for S/MIME K.Suganya
More informationForging Digital Signatures
Forging Digital Signatures Albert Levi Sabanci University Istanbul, TURKEY levi@sabanciuniv.edu ACSAC 2002 Outline What s a digital signature? How S/MIME handles digital signatures? How to obtain a certificate
More information<Insert Picture Here> Oracle Security Developer Tools (OSDT) August 2008
Oracle Security Developer Tools (OSDT) August 2008 Items Introduction OSDT 10g Architecture Business Benefits Oracle Products Currently Using OSDT 10g OSDT 10g APIs Description OSDT
More informationCS 356 Lecture 28 Internet Authentication. Spring 2013
CS 356 Lecture 28 Internet Authentication Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationNISTIR 7676 Maintaining and Using Key History on Personal Identity Verification (PIV) Cards
NISTIR 7676 Maintaining and Using Key History on Personal Identity Verification (PIV) Cards David A. Cooper NISTIR 7676 Maintaining and Using Key History on Personal Identity Verification (PIV) Cards David
More informationKey Management and Distribution
Key Management and Distribution Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu udio/video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationThe Security Framework 4.1 Programming and Design
Tel: (301) 587-3000 Fax: (301) 587-7877 E-mail: info@setecs.com Web: www.setecs.com Security Architecture for Development and Run Time Support of Secure Network Applications Sead Muftic, President/CEO
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email
CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure
More informationLecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution.
Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution. 1 Opening quote. 2 The topics of cryptographic key management
More informationGlobalSign Enterprise Solutions
GlobalSign Enterprise Solutions Secure Email & Key Recovery Using GlobalSign s Auto Enrollment Gateway (AEG) 1 v.1.2 Table of Contents Table of Contents... 2 Introduction... 3 The Benefits of Secure Email...
More informationGuide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate (Personal eid) WISeKey 2010 / Alinghi 2010 Smartcards
The World Internet Security Company Solutions for Security Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate (Personal eid) WISeKey 2010 / Alinghi 2010 Smartcards Wherever Security
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationCertification Authority. The X.509 standard, PKI and electronic documents. X.509 certificates. X.509 version 3. Critical extensions.
The X.509 standard, PKI and electronic uments Antonio Lioy < lioy @ polito.it > Politecnico di Torino Dipartimento di Automatica e Informatica Certification Authority (4) cert repository (cert, CRL) Certification
More informationCryptographic Services Guide
Cryptographic Services Guide Contents About Cryptographic Services 5 At a Glance 5 Encryption, Signing and Verifying, and Digital Certificates Can Protect Data from Prying Eyes 5 OS X and ios Provide Encryption
More informationGetting to know your card: Reverse-Engineering the Smart-Card Application Protocol Data Unit for PKCS#11 Functions
: Reverse-Engineering the Smart-Card Application Protocol Data Unit for PKCS#11 Functions 1, Fiona McNeill 2, Alan Bundy 1, Graham Steel 3 Riccardo Focardi 4, Claudio Bozzato 4 1 University of Edinburgh
More informationSAP Single Sign-On 2.0 Overview Presentation
SAP Single Sign-On 2.0 Overview Presentation March 2016 Public Agenda SAP security portfolio Overview SAP Single Sign-On Single sign-on main scenarios Capabilities Summary 2016 SAP SE or an SAP affiliate
More informationEntrust Smartcard & USB Authentication
Entrust Smartcard & USB Authentication Technical Specifications Entrust IdentityGuard smartcard- and USB-based devices allow organizations to leverage strong certificate-based authentication of user identities
More informationCiphire Mail. Abstract
Ciphire Mail Technical Introduction Abstract Ciphire Mail is cryptographic software providing email encryption and digital signatures. The Ciphire Mail client resides on the user's computer between the
More informationThe Role of Digital Certificates in Contemporary Government Systems: the Case of UAE Identity Authority
The Role of Digital Certificates in Contemporary Government Systems: the Case of UAE Identity Authority Dr. Ali M. Al-Khouri Emirates Identity Authority, Abu Dhabi, United Arab Emirates Abstract Digital
More informationPage 1. Smart Card Applications. Lecture 7: Prof. Sead Muftic Matei Ciobanu Morogan. Lecture 7 : Lecture 7 : Smart Card Applications
in Open Distributed Processing s 1 in Open Distributed Processing s 2 Prof. Sead Muftic Matei Ciobanu Morogan Lecture 7: 1 2 in Open Distributed Processing s 3 in Open Distributed Processing s Smart s
More informationSecurity Architecture (ASA)
AppleÕs Security Architecture (ASA) Aram PŽrez Chief Security Architect aram@.com Apple Data Security Group Overview Apple Data Security Group Why provide a security architecture? Requirements Building
More informationGENERIC SECURITY FRAMEWORK FOR CLOUD COMPUTING USING CRYPTONET
http:// GENERIC SECURITY FRAMEWORK FOR CLOUD COMPUTING USING CRYPTONET Manisha Dawra 1, Ramdev Singh 2 1 Al-Falah School of Engg. & Tech., Vill-Dhauj, Ballabgarh-Sohna Road, Faridabad, Haryana (INDIA)-121004
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationCryptography and Network Security Chapter 14
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture
More informationWindows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation
Windows 2000 Security Architecture Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation Topics Single Sign-on Kerberos v5 integration Active Directory security Delegation of authentication
More informationUsing etoken for Securing E-mails Using Outlook and Outlook Express
Using etoken for Securing E-mails Using Outlook and Outlook Express Lesson 15 April 2004 etoken Certification Course Securing Email Using Certificates Unprotected emails can be easily read and/or altered
More informationNational Certification Authority Framework in Sri Lanka
National Certification Authority Framework in Sri Lanka By Rohana Palliyaguru Manager Operations & Principal Information Security Engineer What is digital Signature? According to UNCITRAL Text 25. Digital
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationStandardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal
Standardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal Shawn Geddis Security Consulting Engineer, Apple Enterprise geddis@apple.com 703-264-5103 1 Agenda A View of Apples PKI
More informationFinal Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket
IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles
More informationI. Configuring Digital signature certificate in Microsoft Outlook 2003:
I. Configuring Digital signature certificate in Microsoft Outlook 2003: In order to configure Outlook 2003 to use the new message security settings please follow these steps: 1. Open Outlook. 2. Go to
More informationHow To Understand And Understand The Security Of A Key Infrastructure
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
More informationCryptography and network security CNET4523
1. Name of Course 2. Course Code 3. Name(s) of academic staff 4. Rationale for the inclusion of the course/module in the programme Cryptography and network security CNET4523 Major The Great use of local
More informationApplication Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008
7 Application Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008 All information herein is either public information or is the property of and owned
More informationGuidelines for Developing Cryptographic Service Providers (CSPs) for Acrobat on Windows
Technical Note Providers (CSPs) for Acrobat C ONTENTS Requirements for Minimal Functionality 1 Recommendations for Maximum Functionality 2 For a Better User Experience Using CSPs in Acrobat 3 Other Recommendations
More informationCheck Point FDE integration with Digipass Key devices
INTEGRATION GUIDE Check Point FDE integration with Digipass Key devices 1 VASCO Data Security Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document
More informationDraft Middleware Specification. Version X.X MM/DD/YYYY
Draft Middleware Specification Version X.X MM/DD/YYYY Contents Contents... ii 1. Introduction... 1 1.2. Purpose... 1 1.3. Audience... 1 1.4. Document Scope... 1 1.5. Document Objectives... 1 1.6. Assumptions
More informationVoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan
VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s
More informationX.509 Certificate Generator User Manual
X.509 Certificate Generator User Manual Introduction X.509 Certificate Generator is a tool that allows you to generate digital certificates in PFX format, on Microsoft Certificate Store or directly on
More informatione-code Academy Information Security Diploma Training Discerption
e-code Academy Information Security Diploma Training 2015 I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. OBJECTIVE... 3 LIST OF POSTGRADUATE COURSES... 3 FIRST SEMESTER
More informationDesign and Analysis of Methods for Signing Electronic Documents Using Mobile Phones
Design and Analysis of Methods for Signing Electronic Documents Using Mobile Phones Pramote Kuacharoen School of Applied Statistics National Institute of Development Administration 118 Serithai Rd. Bangkapi,
More informationGPG - GNU Privacy Guard
GPG - GNU Privacy Guard How to use Károly Erdei October 15, 2014 Károly Erdei GPG - GNU Privacy Guard 1/60 1 Why 2 Cryptography 3 PGP 4 KGPG-Assistant 5 -Key-Manager 6 -Editor 7 GPG4Win 8 Enigmail Károly
More informationCustomised version for ČSOB a.s. - English
CryptoPlus Card Manager v. 1.1.31 USER GUIDE Customised version for ČSOB a.s. - English August 2003 MONET+, a.s. Zlín Contents Contents...2 1. Foreword...3 2. CryptoPlus How to Start...4 2.1 HW and SW
More informationPUBLIC Secure Login for SAP Single Sign-On Implementation Guide
SAP Single Sign-On 2.0 SP04 Document Version: 1.0-2014-10-28 PUBLIC Secure Login for SAP Single Sign-On Implementation Guide Table of Contents 1 What Is Secure Login?....8 1.1 System Overview.... 8 1.1.1
More informationGrid Computing - X.509
Grid Computing - X.509 Sylva Girtelschmid October 20, 2009 Public Key Infrastructure - PKI PKI Digital Certificates IT infrastructure that provides means for private and secure data exchange By using cryptographic
More informationIntroduction to Network Security Key Management and Distribution
Introduction to Network Security Key Management and Distribution Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology cetinkayae@mst.edu http://web.mst.edu/~cetinkayae/teaching/cpe5420fall2015
More informationAn Introduction to Entrust PKI. Last updated: September 14, 2004
An Introduction to Entrust PKI Last updated: September 14, 2004 2004 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. In
More informationBlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1
BlackBerry Enterprise Server 5.0 SP3 and BlackBerry 7.1 Version: 5.0 Service Pack: 3 Security Technical Overview Published: 2012-01-17 SWD-1936256-0117012253-001 Contents 1 Document revision history...
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationSecurity Technical. Overview. BlackBerry Enterprise Server for Microsoft Exchange. Version: 5.0 Service Pack: 4
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Security Technical Overview Published: 2014-01-17 SWD-20140117135425071 Contents 1 New in this release...10 2 Overview...
More informationStandards and Products. Computer Security. Kerberos. Kerberos
3 4 Standards and Products Computer Security Standards and Products Public Key Infrastructure (PKI) IPsec SSL/TLS Electronic Mail Security: PEM, S/MIME, and PGP March 24, 2004 2004, Bryan J. Higgs 1 2
More informationPrivateServer HSM EKM Provider for Microsoft SQL Server
PrivateServer HSM EKM Provider for Microsoft SQL Server January 2014 Document Version 1.1 Notice The information provided in this document is the sole property of Algorithmic Research Ltd. No part of this
More informationI N F O R M A T I O N S E C U R I T Y
NIST Special Publication 800-78-3 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification W. Timothy Polk Donna F. Dodson William E. Burr Hildegard Ferraiolo David Cooper I N F
More informationGT 6.0 GSI C Security: Key Concepts
GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts Overview GSI uses public key cryptography (also known as asymmetric cryptography) as the basis for its functionality. Many of the
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationBlackBerry Enterprise Solution
BlackBerry Enterprise Solution Security Technical Overview for BlackBerry Enterprise Server Version 4.1 Service Pack 5 and BlackBerry Device Software Version 4.5 2008 Research In Motion Limited. All rights
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationI N F O R M A T I O N S E C U R I T Y
NIST Special Publication 800-78-2 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification W. Timothy Polk Donna F. Dodson William. E. Burr I N F O R M A T I O N S E C U R I T Y
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationCapture Resilient ElGamal Signature Protocols
Capture Resilient ElGamal Signature Protocols Hüseyin Acan 1, Kamer Kaya 2,, and Ali Aydın Selçuk 2 1 Bilkent University, Department of Mathematics acan@fen.bilkent.edu.tr 2 Bilkent University, Department
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationPublic Key Infrastructure for a Higher Education Environment
Public Key Infrastructure for a Higher Education Environment Eric Madden and Michael Jeffers 12/13/2001 ECE 646 Agenda Architectural Design Hierarchy Certificate Authority Key Management Applications/Hardware
More informationCSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity
CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics
More informationRelease Notes. NCP Secure Client Juniper Edition. 1. New Features and Enhancements. 2. Problems Resolved
NCP Secure Client Juniper Edition Service Release: 9.30 Build 102 Date: February 2012 1. New Features and Enhancements The following describe the new features introduced in this release: Visual Feedback
More informationGemalto SafeNet Minidriver 9.0
SafeNet Authentication Client Gemalto SafeNet Minidriver 9.0 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationEXPLORING SMARTCARDS: AN INDEPENDENT LOOK TO TECHNOLOGIES AND MARKET
EXPLORING SMARTCARDS: AN INDEPENDENT LOOK TO TECHNOLOGIES AND MARKET Giuseppe Gippa Paternò gpaterno@gpaterno.com June 2008 WHO AM I Experienced architect Linux, Networking and Security Focused on Telcos
More informationGoldKey Product Info. Do not leave your Information Assets at risk Read On... Detailed Product Catalogue for GoldKey
GoldKey Product Info Detailed Product Catalogue for GoldKey Do not leave your Information Assets at risk Read On... GoldKey: Reinventing the Security Strategy The Changing Landscape of Data Security With
More informationLecture 1: Introduction. CS 6903: Modern Cryptography Spring 2009. Nitesh Saxena Polytechnic University
Lecture 1: Introduction CS 6903: Modern Cryptography Spring 2009 Nitesh Saxena Polytechnic University Outline Administrative Stuff Introductory Technical Stuff Some Pointers Course Web Page http://isis.poly.edu/courses/cs6903-s10
More informationVulnerabilities of the usage of digital signature
Vulnerabilities of the usage of digital signature The efforts made concerning the use of the digital signature represent a significant step in the information technology. These efforts do not or just to
More informationThe Mathematics of the RSA Public-Key Cryptosystem
The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through
More informationKey Management and Distribution
Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/
More informationYale Software Library
Yale Software Library http://www.yale.edu/its/software/ For assistance contact the ITS Help Desk 203-432-9000, helpdesk@yale.edu Two-factor authentication: Installation and configuration instructions for
More informationYubiKey PIV Deployment Guide
YubiKey PIV Deployment Guide Best Practices and Basic Setup YubiKey 4, YubiKey 4 Nano, YubiKey NEO, YubiKey NEO-n YubiKey PIV Deployment Guide 2016 Yubico. All rights reserved. Page 1 of 27 Copyright 2016
More informationeid Security Frank Cornelis Architect eid fedict 2008. All rights reserved
eid Security Frank Cornelis Architect eid The eid Project > Provides Belgian Citizens with an electronic identity card. > Gives Belgian Citizens a device to claim their identity in the new digital age.
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationTrustKey Tool User Manual
TrustKey Tool User Manual 1 Table of Contents 1 Introduction... 5 2 TrustKey Product...6 2.1 TrustKey Tool... 6 2.2 TrustKey function modules...7 2.3 TrustKey using environment...7 3 TrustKey Tool Installation...
More informationCitrix MetaFrame XP Security Standards and Deployment Scenarios
Citrix MetaFrame XP Security Standards and Deployment Scenarios Including Common Criteria Information MetaFrame XP Server for Windows with Feature Release 3 Citrix Systems, Inc. Information in this document
More informationSharing Secrets Using Encryption Facility
Sharing Secrets Using Encryption Facility Eysha S. Powers IBM Corporation Insert Custom Session QR if Desired Tuesday, August 11, 2015: 6:00pm 7:00pm Session Number 17624 Cryptography is used in a variety
More informationHIGHSEC eid App Administration User Manual
HIGHSEC eid App Administration User Manual Contents 1 Introduction... 3 2 Application overview... 3 3 Managing HIGHSEC eid App... 3 3.1 Deleting card pairings... 4 4 Inspecting smart card contents... 5
More informationDEPARTMENT OF DEFENSE PUBLIC KEY INFRASTRUCTURE EXTERNAL CERTIFICATION AUTHORITY MASTER TEST PLAN VERSION 1.0
DEFENSE INFORMATION SYSTEMS AGENCY JOINT INTEROPERABILITY TEST COMMAND FORT HUACHUCA, ARIZONA DEPARTMENT OF DEFENSE PUBLIC KEY INFRASTRUCTURE EXTERNAL CERTIFICATION AUTHORITY MASTER TEST PLAN VERSION 1.0
More informationWireless Mobile Internet Security. 2nd Edition
Brochure More information from http://www.researchandmarkets.com/reports/2330593/ Wireless Mobile Internet Security. 2nd Edition Description: The mobile industry for wireless cellular services has grown
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationUnderstanding digital certificates
Understanding digital certificates Mick O Brien and George R S Weir Department of Computer and Information Sciences, University of Strathclyde Glasgow G1 1XH mickobrien137@hotmail.co.uk, george.weir@cis.strath.ac.uk
More informationNetwork Security Essentials Chapter 5
Network Security Essentials Chapter 5 Fourth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 5 Transport-Level Security Use your mentality Wake up to reality From the song, "I've Got
More informationCRYPTOGRAPHY AS A SERVICE
CRYPTOGRAPHY AS A SERVICE Peter Robinson RSA, The Security Division of EMC Session ID: ADS R01 Session Classification: Advanced Introduction Deploying cryptographic keys to end points such as smart phones,
More informationCERTIFICATION PRACTICE STATEMENT UPDATE
CERTIFICATION PRACTICE STATEMENT UPDATE Reference: IZENPE-CPS UPDATE Version no: v 5.03 Date: 10th March 2015 IZENPE 2015 This document is the property of Izenpe. It may only be reproduced in its entirety.
More informationNetwork Security - Secure upper layer protocols - Background. Email Security. Question from last lecture: What s a birthday attack? Dr.
Network Security - Secure upper layer protocols - Dr. John Keeney 3BA33 Question from last lecture: What s a birthday attack? might think a m-bit hash is secure but by Birthday Paradox is not the chance
More informationStefan Santesson Consultant, 3xA Security AB (http://aaa-sec.com) Born November 2, 1962 in Malmö, Sweden
CV Stefan Santesson Consultant, 3xA Security AB (http://aaa-sec.com) Born November 2, 1962 in Malmö, Sweden Björnstorp 744 240 13 Genarp Sweden sts@aaa-sec.com Tel +46-767 861337 Skype: Razumain COMPETENCE
More informationAD CS. http://technet.microsoft.com/en-us/library/cc731564.aspx
AD CS AD CS http://technet.microsoft.com/en-us/library/cc731564.aspx Active Directory Certificate Services (AD CS) is an Identity and Access Control security technology that provides customizable services
More information