CS 665: Computer System Security. Crypto Services. Hashing. Cryptographic Hash Functions. Information Assurance Module



Similar documents
Savitribai Phule Pune University

Dr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C

The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

A Noval Approach for S/MIME

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Introduction to Public Key Technology and the Federal PKI Infrastructure 26 February 2001

Overview. SSL Cryptography Overview CHAPTER 1

Public Key Infrastructure (PKI)

Business Issues in the implementation of Digital signatures

Information Security

How To Encrypt Data With Encryption

Security Digital Certificate Manager

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, Page 1

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

Introduction to Network Security Key Management and Distribution

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University

Cryptography and Network Security Chapter 14. Key Distribution. Key Management and Distribution. Key Distribution Task 4/19/2010

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Chapter 8 Security. IC322 Fall Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 7: Network security

Ciphire Mail. Abstract

Introduction to Cryptography

Cryptography and Network Security Chapter 14

Safeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST

Public Key Encryption and Digital Signature: How do they work?

Apple Corporate Certificates Certificate Policy and Certification Practice Statement. Apple Inc.

Chapter 6 Electronic Mail Security

SECURITY IN ELECTRONIC COMMERCE - SOLUTION MULTIPLE-CHOICE QUESTIONS

Trustis FPS PKI Glossary of Terms

Lecture VII : Public Key Infrastructure (PKI)

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Security Digital Certificate Manager

SECURITY IN NETWORKS

Controller of Certification Authorities of Mauritius

GlobalSign Enterprise Solutions

CRYPTOGRAPHY IN NETWORK SECURITY

Securing your Online Data Transfer with SSL

What is network security?

Neutralus Certification Practices Statement

Lecture 9: Application of Cryptography

Key Management Interoperability Protocol (KMIP)

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008

Network Security. Security Attacks. Normal flow: Interruption: 孫 宏 民 Phone: 國 立 清 華 大 學 資 訊 工 程 系 資 訊 安 全 實 驗 室

An Introduction to Cryptography and Digital Signatures


How To Understand And Understand The Security Of A Key Infrastructure

PKI: Public Key Infrastructure

IT Networks & Security CERT Luncheon Series: Cryptography

Network Security. HIT Shimrit Tzur-David

Content Teaching Academy at James Madison University

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution.

Public Key Infrastructure. A Brief Overview by Tim Sigmon

ARCHIVED PUBLICATION

Ericsson Group Certificate Value Statement

Using etoken for SSL Web Authentication. SSL V3.0 Overview

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

Research Article. Research of network payment system based on multi-factor authentication

CS 392/681 - Computer Security

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Network Security Protocols

Secure Data Exchange Solution

Guide to Data Field Encryption

Advanced Authentication

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

10 Secure Electronic Transactions: Overview, Capabilities, and Current Status

Chapter 10. Cloud Security Mechanisms

You re FREE Guide SSL. (Secure Sockets Layer) webvisions

Concept of Electronic Approvals

User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

Module 7 Security CS655! 7-1!

The World of Emerging Payment Systems A Brief Introduction

Expert Reference Series of White Papers. Fundamentals of the PKI Infrastructure

CALIFORNIA SOFTWARE LABS

Cryptography & Digital Signatures

Network Security. Network Security. Security in Computer Networks

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Message authentication and. digital signatures

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Encryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1

Lecture 31 SSL. SSL: Secure Socket Layer. History SSL SSL. Security April 13, 2005

IoT Security Platform

Installing your Digital Certificate & Using on MS Out Look 2007.

Guidelines Related To Electronic Communication And Use Of Secure Central Information Management Unit Office of the Prime Minister

CS 356 Lecture 28 Internet Authentication. Spring 2013

Programming with cryptography

Digital certificates. Name Vivek kumar EM No Subject E-Business technologies Prof. Dr. Eduard heindl

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn

CSCE 465 Computer & Network Security

7 Key Management and PKIs

National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016

Certification Practice Statement

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

HKUST CA. Certification Practice Statement

Transcription:

CS 665: Computer System Security Crypto Services Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Hashing Primary Goal: Integrity Protection Guarding against modifications Hash functions classify an input based on its contents Classification is repeated on the receiver side, if the results match, tampering unlikely Simplest example: Even/odd parity 1000 => parity 1; 0011 => parity 0; 1101 => parity 1 Digest: A reduced form of the body of data. Typically 100 1000 bits long. 1-2 Cryptographic Hash Functions Sender and Receiver agree on a hash function Data and a hash value sent Receiver separates the data and recomputes the hash value and compares with the received one An intruder must not know the hash function! NIST Standard: SHA (Secure Hash Function) Input length: <2 64 bits. Digest: 160 bits. 1-3 Rev 1.1 1-1

Secure Hash Function (SHA) 1. Pad the message with random 1 s & 0 s Add 64 bits indicating original message length Total message length a multiple of 512 2. Process message in 16x32 bit long words W(0), W(1),, W(15) 3. Expand W(1),,W(15) to 80 words W(t)=W(t-3)+W(t-8)+W(t-14)+W(t-16) [15<t<80] Apply further transformations to each block and compute a message digest 1-4 SHA-1 algorithm Note: All variables are unsigned 32 bits and wrap modulo 2^32 when calculating Initialize variables: h0 := 0x67452301 h1 := 0xEFCDAB89 h2 := 0x98BADCFE h3 := 0x10325476 h4 := 0xC3D2E1F0 Initialize hash value for this chunk: a := h0; b := h1; c := h2; d := h3; e := h4; Main loop: for i from 0 to 79 if 0 i 19 then f := (b and c) or ((not b) and d) k := 0x5A827999 else if 20 i 39 f := b xor c xor d k := 0x6ED9EBA1 else if 40 i 59 f := (b and c) or (b and d) or (c and d) k := 0x8F1BBCDC else if 60 i 79 f := b xor c xor d k := 0xCA62C1D6 temp := (a leftrotate 5) + f + e + k + w(i) e := d; d := c; c := b leftrotate 30; b := a; a := temp; Add this chunk's hash to result so far: h0 := h0 + a; h1 := h1 + b; h2 := h2 + c; h3 := h3 + d; h4 := h4 + e; digest = hash = h0 append h1 append h2 append h3 append h4 (expressed as big-endian) 1-5 SHA (2) It is unlikely that an intruder will manage to change ALL the right bits. Information is diffused throughout the message. A desired change causes an avalanche of changes. The goal of a good hash function is to generate different value of a digest for as many meaningful messages as possible. 1-6 Rev 1.1 1-2

Key Escrow and Clipper Plaintext K Encryption Ciphertext Decryption Plaintext Escrowed Encryption: Plaintext K Encryption Ciphertext Decryption Plaintext Escrow Agency Decryption Plaintext 1-7 Clipper Chip (Fortezza) Clipper proposal: Split every encryption key into halves. Each half stored by a different agency. Authorized court order may allow delivering key halves to law enforcement. Only hardware embodiments of the algorithm sold. Security by obscurity. 1-8 Clipper Message u 1, u 2 M k n, A k f 1. Intercept M+LEAF. LEAF field 2. Using f, decrypt and obtain n (message ID), A. 3. Deliver n and the court order to escrow agencies. 4. Receive two halves of key u. 5. Decrypt the key k using u. 6. Decrypt M using key k. 1-9 Rev 1.1 1-3

Information Assurance Introduction Authentication and Identification Principles of Cryptography Modern Cryptography Secure Information Exchange 1-10 Communication Protocols Protocols separate the Process of accomplishing the task from the Mechanisms by which it is done Specify the Rules of Behavior Arbitrated protocols: Actively involve a disinterested third party. Adjudicated Protocols Self-Enforcing Protocols 1-11 Symmetric Key Exchange Without a Server, the old key is used to encrypt and exchange the new key When a Repository (Key Server) is available: 1. A->R: (A, B, Ia) 2. R->A: E(Ka, (Ia, B, Kab, E(Kb, (Kab,A)))) Only A can open this message 3. A->B: E(Kb, (Kab, A)) Only B can open this message 4. A and B communicate using the SESSION key Kab 1-12 Rev 1.1 1-4

Assymetric Key Exchange (Without a Server) A has Ea and Da (Public and Private Keys) B has Eb and Db (Public and Private Keys) A can send Eb(M) to B Typically slow. A symmetric session key desirable. A -> B: Eb(Kab) No assurance that this message came from A! Therefore: A->B: Eb(Da(Kab)) Communication continues using Kab 1-13 Certificates Used for the Establishment of Trust Two parties can trust each other, if they know someone in common A Public Key and someone s identity are bound together in a Certificate Signed by someone certifying the accuracy of the binding Need to trust the top authority 1-14 The Concept of Hierarchies Edward Diana Bob Delwyn Brian Source: Charles P. Pfleeger: Security in Computing (second edition), Prentice Hall PTR, 1997. 1-15 Rev 1.1 1-5

Practical Digital Certificates A certificate is a digital document, published by the Certificate Authority. Contains public keys (accessibility). Information about the public key owner. Information about the issuer of the certificate. Issuing authority s signature ensures authenticity. 1-16 Digital Signatures A Protocol that produces the same effect as a Real Signature Only the sender can make it Others can recognize it belongs to the sender Not forgeable No one else can produce the same signature Authentic Easy to check that the signature belongs to the sender, the signature firmly attached to the message Not alterable (once sent it cannot be changed) Not reusable (can be used only once) 1-17 Public Key Digital Signature Public Keys ideally suited for Signatures Ssends a signed message M to R: S-> R: Ds(M) LEGEND: Keys for S: Ds Private key Es Public key Not forgeable and Authentic: Only S could have sent this message. Message is not private (use two encryptions). Not alterable. Time stamps can be used to guard against replays. 1-18 Rev 1.1 1-6

Practical Digital Signatures Uses Asymmetric Keys combined with a Hash Inserts Encrypted Hash into a file along with the Verification (Public) Key Provides integrity services for the data that contains the signature CAN provide evidence for non-repudiation 1-19 Digital Signatures Data Private signing key = hash value ENCRYPTS = encrypted hash (Public) Verification Key Completed Digital Signature VERIFICATION New Hash computed IF = (Public) Verification Key = encrypted hash = trusted hash value = hash value THEN ok ELSE untrusted 1-20 Definition of PKI A Public Key Infrastructure (PKI) is an environment consisting of protocols, services and standards that support applications of public key cryptography. Typically a collection of Certificate Authorities (CA), associated repositories, and governing policies and policy bodies that are used to manage the distribution and trust relationship between digital certificates. 1-21 Rev 1.1 1-7

Motivation for PKI PKI provides evidentiary services that can prove non-repudiation PKI provides encryption services for protecting electronic information in transmission and storage states PKI provides the ability to affix digital signatures to electronic information, which can replace traditional paper based business practices PKI provides a mechanism to ensure data integrity PKI provides enhanced user identification by binding a certificate to an entity (person, computer, etc.) 1-22 Typical Uses for PKI Securing e-mail (S/MIME) Securing transactions between business partners and end clients over public networks, such as the Internet Securing stored data through folder-based encryption, encrypted databases Integrity for electronic data such as e-mails, financial exchanges, and mission critical business transactions through digital signatures User authentication and access control through certificatebased identification Non-repudiation - Digital Certificates validate their users' identities, making it nearly impossible to later repudiate a digitally "signed" transaction, such as a purchase made on a web site 1-24 Why is PKI needed? (2) In its 1999 survey, the Computer Security Institute estimated the total financial losses by the 163 businesses it surveyed from computer security breaches at $123.7 million...e-commerce has become so important that firms, including Sedgwick Group PLC (in cooperation with IBM), Lloyds of London, and Network Risk Management Services, are now offering hacker insurance Source: Michael A. Vatis, Director of the National Infrastructure Protection Center (NIPC), Federal Bureau of Investigation, - Congressional Statement on NIPC Cyber Threat Assessment, October 1999 http://www.fbi.gov/pressrm/congress/congress99/nipc10-6.htm 1-26 Rev 1.1 1-8

PKI Encryption Combination of Symmetric encryption for speed and Asymmetric Encryption for delivery Encrypted Message Plaintext Message ENCRYPTS One time symmetric session key ENCRYPTS Recipient s Public Key Used to Encrypt Symmetric Key Encrypted Message And Key Recipient s Public Key Recipient s Private Key Decrypts Symmetric Key One time symmetric session key Obtained Encrypted Message DECRYPTS Plaintext Message Repository 1-27 Practical Key Distribution 1 Subscriber provides proof of identity to the RA 1 2 RA verifies identity and informs CA 3 CA generates and signs the subscribers unique certificate 4 CA securely sends private certificate to subscriber and posts public certificate in the repository Subscriber Repository 4 4 Registration Authority (RA) Certificate Authority (CA) 2 3 1-28 X.509 Certificate Standard CA Signature Version Serial Number JoeU001 Signature Algorithm SHA-1 Issuer Name (CA) c=us, o=acme Inc. Validity Period 03/01/2002 cn=john Doe, o=us., ou=army, ou=ft Meade John Doe s Public Certificate 3082a509dc3746b2198139fff59156736571237 John Doe s Unique Identifier Issuer s Unique Identifier E-mail Address Telephone Number Business Unit 1-29 Rev 1.1 1-9

Certificate Uses Encryption Pair A Public Certificate is used to Encrypt A Private Certificate is used to Decrypt Signature Pair A Private Certificate is used to sign (Encrypt the Hash) A Public Certificate is used to verify (Decrypt the Hash for comparison) 1-30 Certificate Verification Certificate of End Entity (i.e. User) Name: John E. Doe Issuer: US.Gov Serial Number: 360C BACF Valid From: 11/12/01 2:48:18 AM Valid To: 12/12/02 2:48:18 AM Subject Alt Name: ABC123 Name = JED@email.com Key: 3082jh3765f098sha97209hcb65302 Issuer s Signature: 98HD82350GLA8357AH123595LKNA34 Issuer s Certificate (i.e. The CA) Name: US.Gov Issuer: US Government Serial Number: 123A ABCD Valid From: 09/01/99 5:48:18 PM Valid To: 09/01/19 5:48:18 PM Key: 3083hi21987ma290bce932nd57dc35 Issuer s Signature: 53F934867HMGIUEW9274JG23509002 Certificate Revocation List (CRL) Name: US.Gov Issuer s Signature: 53F934867HMGIUEW9274JG23509002 Revoked Certificates: xyzc vqrs (1214/99), 0756 12A4 (12/10/99) 1-31 PKI vulnerabilities Likelihood of misusing the private key. Key management and key security are paramount. If protected by a PIN, and the PIN gets compromised. Private keys stored on local disks (security). 1-32 Rev 1.1 1-10

Secure Electronic Transaction Protocol SET was developed in 1996, as a part of Visa and MasterCard s initiative to promote security on the Internet and build consumer trust in e-commerce. It is designed to provide an unrivalled level of security and authentication for Internet payments. 1-33 SET Definition What is a SET? Secure Electronic Transaction(SET) is an Open Encryption and Security Specification (available at http://www.setco.org/) designed to protect Credit-Card Transactions on the internet. A wide range of companies were involved in developing the initial specification,including IBM, Microsoft, Netscape, RSA, Terisa and Verisign. 1-34 Objectives of SET Confidentiality: Encryption of information provides the confidentiality of information. Authentication: Digital signatures and Certificates provide the means to authenticate other participants in the transaction. Message Integrity: Digital signatures are used to detect tampering. Interoperability: An open set of protocols is used to provide interoperability between implementations of different vendors. 1-35 Rev 1.1 1-11

Participants in a SET Card holder: Consumer doing the purchase Issuer: Financial Institution that issues the card to the card holder. Merchant: Online Store providing the goods. Acquirer: Financial Institution of the Merchant. Payment Gateway: System operated by the Acquirer, that handles the financial requests from the interacts with the Issuer on the Merchants behalf. Certificate Authority: Well-known web site that can generate and validate certificates. 1-36 1-37 SET in Action 1. Customer opens a master card or visa bank account. 2. Customer receives a digital certificate. 3. Third-party merchants also receives certificates. 4. Customer places an order over a web page, by phone,etc. 5. The customers browser received and confirms from the merchants certificate that the merchant is valid. 6. The browser sends the order information. 7. The merchant verifies the customer by checking the digital signature on the customers certificate. 1-38 Rev 1.1 1-12

SET in Action (2) 8. The merchant sends the order message to the bank. 9. The bank verifies the merchant and the message. 10. The bank digitally signs and sends authorization to the merchant who can then fill the order. 1-39 1-40 Rev 1.1 1-13

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information