Savitribai Phule Pune University



Similar documents
Using etoken for SSL Web Authentication. SSL V3.0 Overview

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview. SSL Cryptography Overview CHAPTER 1

An Introduction to Cryptography as Applied to the Smart Grid

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Chapter 17. Transport-Level Security

Content Teaching Academy at James Madison University

Chapter 7 Transport-Level Security

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Communication Systems SSL

How To Understand And Understand The Security Of A Key Infrastructure

You re FREE Guide SSL. (Secure Sockets Layer) webvisions

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Network Security - Secure upper layer protocols - Background. Security. Question from last lecture: What s a birthday attack? Dr.

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Properties of Secure Network Communication

Cornerstones of Security

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

CRYPTOGRAPHY IN NETWORK SECURITY

Lukasz Pater CMMS Administrator and Developer

Transport Layer Security Protocols

Chapter 10. Network Security

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

IT Networks & Security CERT Luncheon Series: Cryptography

Chapter 10. Cloud Security Mechanisms

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Security Policy Revision Date: 23 April 2009

CSE/EE 461 Lecture 23

Computer System Management: Hosting Servers, Miscellaneous

As enterprises conduct more and more

Network Security Essentials Chapter 5

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

Is your data safe out there? -A white Paper on Online Security

TLS and SRTP for Skype Connect. Technical Datasheet

[SMO-SFO-ICO-PE-046-GU-

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Understanding digital certificates

Chapter 8. Network Security

Network Security Protocols

Module 7 Security CS655! 7-1!

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

ERserver. iseries. Secure Sockets Layer (SSL)

Security Protocols/Standards

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Security Digital Certificate Manager

Data Encryption WHITE PAPER ON. Prepared by Mohammed Samiuddin.

Information Security

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

How To Encrypt Data With Encryption

Introduction to Network Security Key Management and Distribution

Security. Learning Objectives. This module will help you...

Cryptography and Network Security Sicurezza delle reti e dei sistemi informatici SSL/TSL

Instructions on TLS/SSL Certificates on Yealink Phones

Wireless Mobile Internet Security. 2nd Edition

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

SSL/TLS: The Ugly Truth

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

Introduction to Cryptography

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

SSL A discussion of the Secure Socket Layer

How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and

Web Security: Encryption & Authentication

SSL Protect your users, start with yourself

What is network security?

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Certificates. Noah Zani, Tim Strasser, Andrés Baumeler

SBClient SSL. Ehab AbuShmais

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Spirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明

Security Digital Certificate Manager

Transport Level Security

Angel Dichev RIG, SAP Labs

SubmitedBy: Name Reg No Address. Mirza Kashif Abrar T079 kasmir07 (at) student.hh.se

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

Chapter 7: Network security

EXAM questions for the course TTM Information Security May Part 1

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

Safeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST

IBM i Version 7.3. Security Digital Certificate Manager IBM

Complying with PCI Data Security

Sync Security and Privacy Brief

TELE 301 Network Management. Lecture 18: Network Security

Lecture 9 - Network Security TDTS (ht1)

SECURITY IN NETWORKS

CS 758: Cryptography / Network Security

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Secure Socket Layer/ Transport Layer Security (SSL/TLS)

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

Three attacks in SSL protocol and their solutions

Client Server Registration Protocol

Transcription:

Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter 4: Cryptography / Encryption

Introduction to Cryptography Cryptography comes from Greek kryptos means "hidden, secret"; and gráphō, "I write" respectively. It is the practice and study of hiding information. It is the science used to try to keep information secret and safe. Confidentiality is one of the three core principles of information security. The aim of confidentiality is to ensure that information is hidden from people who are unauthorized to access it. The confidentiality principle mandates that information should solely be viewed by people with appropriate and correct privileges. It is achieved either by authorization / authentication i.e. providing right access and validating it at the time of accessing information or by cryptography, which involves encryption and decryption methods. Encryption The process of converting a plain text message into a cipher text message i.e. non-readable format with the help of a secret key is called encryption and converting cipher text to plain text is called decryption. Plain Text Encryption / Decryption Secret Key Cipher Text Types of Encryption Symmetric Encryption: In this type of Encryption, both sender and receiver will use same key to Encrypt and Decrypt information. In the absence, of the secret key a third person will not be able to read the information. E.g. Suman wants to send confidential information to Kirti. Both Suman and Kirti will have access to same Secret Key. Suman Encrypt - Secret Key (Plaintext) = Ciphertext Kirti Decrypt - Secret Key (Ciphertext) = Plaintext Assymetric Encryption: In this type of Encryption, a pair of keys known as Public Key and Private Key is used. As name indicates, Public Key is shared and known to everyone where as Private Key is with the person himself. Sender while Encrypting will use Receiver s Public Key and encrypt the message whereas Receiver will use his/her Private Key to decrypt the message and read it. Suman Encrypt [Public Key - Kirti] (Plaintext) = CipherText Kirti Decrypt - [Private Key Kirti] (CipherText) = Plaintext It is apparent that secret key is very important in both the cases. So how do Suman and Kirti share Secret Key with each other? 2

How to share Secret Key? For symmetric encryption, the private key needs to be shared between both the communicating parties and there are multiple mechanisms like Diffie Hellman and RSA to achieve that. These mechanisms use asymmetric key i.e. Public Key Infrastructure to share the Secret Key. Digital Certificate Now, you would think how to discover Public Key of others? The answer is Digital Certificate. A Digital Certificate contains information about its owner like name, Public Key, Validity of certificate etc. All the browsers recognize Digital Certificates and will download them automatically. They will extract the Public Key to decrypt the message before they show the content to the receiver. Hence, Digital Certificates is commonly used mechanism to share Public Key with each other. Now, next problem is how to determine that the public key and the certificate belong to the user they claim to belong to. Public Key Infrastructure (PKI) is the answer to this problem. Public Key Infrastructure A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.; There are 3 key roles in PKI as below: Certificate Authority (CA): A Certificate Authority issues digital certificates to person or organization which requests for it. In many cases, it will also play role of Verification Authority (VA) and verify the digital certificates. E.g. Here are some of Comodo, Symantec, GoDaddy, GlobalSign, DigiCert Registration Authority (RA): Registration Authority is responsible for accepting requests for digital certificates and authenticating the person or organization making the request. This authority will verify identity of person / organization and ensure that person / organization is what it is claiming. Validation Authority (VA): A Validation Authority (VA) is an organization which verifies the digital certificates. It is often a 3 rd party organization i.e. a separate organization than CA or RA. 3

4 2 3 6 5 Source: https://en.wikipedia.org/wiki/public_key_infrastructure. User sends required information to Registration Authority. 2. Registration Authority verifies provided information & if found OK then registers user and shares OK report with Certificate Authority 3. Certificate Authority shares Public & Private Key with the user 4. Certificate Authority shared Public & Private Key with Validation Authority as well 5. While shopping, user will initiate transaction encrypted with his Private Key 6. Shopping website will share the Key information shared by user with Validation Authority. VA will validate it & if found to be correct then validate and authorize transaction. Applications of Cryptography Cryptography is used in many of the common activities in our daily lives. Below are some of the activities where cryptography is used:. Authentication Services: Authentication is a process of confirming that the user is what he/she is claiming to be. E.g. User Name/ Passwords: Storing and transmitting passwords used for authentication of users. 2. E-mail: Email is one of the most common mode of communication in today s world. It is used to share confidential / important information between two individuals / organizations. Security issues with email programs surfaced early in their lifecycle. The vendors of email programs realized that they would have to figure out a way for everyone to be able to send secure email. 4

That is, e-mail in some sort of coded or encrypted form. It only made sense that this new feature be standardized, so they created S/MIME Secure Multipurpose Internet Mail Extensions. 3. E-Commerce E-commerce portals handle user information, bank /card information, passwords etc. hence it is necessary that this information is securely transmitted from user to the portal, from portal to 3 rd party systems & back. Typically, these portal use Transport Layer Security (TLS)/ Secure Sockets Layer (SSL) protocols. The TLS/SSL protocols help prevent communications eavesdropping, tampering, and forgery. Web servers and browsers use the TLS handshake to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before transmitting data. The TLS handshake uses public key cryptography, such as RSA or DSS, to authenticate computers and to negotiate a shared secret. Of course, Digital Certificates are also used. TLS uses symmetric cryptography, such as DES or RC4, to encrypt the data, such as credit card numbers, prior to transmission over the network. Any message transmissions include a message authentication code (MAC) created with a hash function such as SHA or MD5 to prevent any communications tampering and forgery. 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information