NETW4006-Lecture01
Protocols
Warm Welcome. Self Introduction. Treat me as a friend. Language Probs.. Subject Probs.. No Failures. Black Board (Bb) Notes Handouts -Exams Wish you a colorful success semester.
Content
Common Definitions
Cryptographic System Strength
Symmetric and Asymmetric Encryption
Signature
Key Signing and X.509 Standard
Common Standards
References
Encryption - Decryption
Cryptography..
Cipher: a mechanism based upon a policy.
Authentication, Confidentiality, Integrity, Non-Repudiation.
Cryptography..
A C I N, or C A I N.
Confidentiality is privacy, so: P A I N.
Cryptography..
See..
Cryptography..
Privacy
[Figure labels: A, Message]
Cryptography..
Authentication
A and B have to authenticate themselves, i.e. B should get the confidence that this message is from A.
Cryptography..
Integrity: there is no chance for modifications.
[Figure labels: A, B]
Cryptography..
Example: if the message is 1+1 = 2 1+1 = 2; (1+1=2) 1, 1 = 2 1+1 = 2
It should be
Crypto..
Data Flow..
Just for interrupting the flow, not for modification, i.e. won't alter
Crypto..
Flow..
C taps the message, modifies it and sends it on. The important thing is that B will not get any info; he blindly believes it's from
C sends a message to B stating it's from A (fake or false identification). B blindly believes it's from A.
1. A can select a key and physically deliver it to B.
2. A third party can select the key and physically deliver it to A and B.
3. If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key.
Advantages: better at key distribution, better scalability for large systems, can provide authentication and non-repudiation.
Disadvantages: asymmetric ciphers are many times slower than symmetric ciphers.
Includes: RSA (Rivest, Shamir, Adleman), Diffie-Hellman, ElGamal, DSA (Digital Signature Algorithm), Knapsack, PGP (Pretty Good Privacy).
[Figure labels: Plaintext, Public Key, Private Key, Ciphertext]
Signature (1)
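[Figure: ALICE computes Hash(M) of Message = M, giving the fingerprint 5a44ef150d, and applies her Private Key to it to produce the Signature. The receiver recomputes the fingerprint 5a44ef150d from Message = M, recovers 5a44ef150d from the Signature using the Public Key, and compares the two values.]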
Signature (2)
Signature = hash value encrypted with the sender's private key.
Hash = a hash function transforms a message M of arbitrary length into a numeric fingerprint (called a digest) of fixed length (128 bits for MD5).
A hash function must have the following properties to be used in cryptographic transformations:
a) Make it computationally impossible or very difficult to find two messages producing the same fingerprint.
b) Make it computationally impossible or very difficult to reverse the hash function.
Signature (3)
Due to a) and b), hash functions are used to ensure the integrity of a message when it is transmitted through a non-secure channel.
The act of signing means encrypting the message's hash value with the private key.
Ensures integrity, authentication, and non-repudiation: ensures that the message was not altered and also came from Bob.
Hash includes: DSS (Digital Signature Standard), MD2 (Message Digest 2), MD4, MD5, SHA (Secure Hash Algorithm).
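The hash-then-sign flow of Signature (1) to (3), as an added example that is not part of the original lecture. It assumes textbook RSA without padding on a deliberately tiny constructed key pair, and uses SHA-256 in place of MD5; the function names are hypothetical.

```python
import hashlib

# Toy RSA key pair, constructed for this example and far too small for real use.
# P and Q are the Mersenne primes 2**61 - 1 and 2**89 - 1.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python 3.8+)


def fingerprint(message: bytes) -> int:
    """Hash(M): fixed-length digest of an arbitrary-length message.

    Reduced mod N only so that it fits the toy modulus; real schemes
    pad the full digest instead (assumption of this example).
    """
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Sender: encrypt the fingerprint with the private key (D, N)."""
    return pow(fingerprint(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: decrypt the signature with the public key (E, N) and
    compare it with a fingerprint recomputed from the received message."""
    return pow(signature, E, N) == fingerprint(message)


def demo() -> dict:
    original = b"1+1 = 2"   # constructed sample message
    tampered = b"1+1 = 3"   # the same message modified in transit
    sig = sign(original)
    return {
        "genuine": verify(original, sig),            # fingerprints match
        "modified": verify(tampered, sig),           # integrity check fails
        "forged": verify(original, (sig + 1) % N),   # not made with the private key
    }


if __name__ == "__main__":
    print(demo())
```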
Definition: X.509 is the ITU (International Telecommunication Union) standard that specifies the content of a digital certificate.
Key certificate fields in X.509v3:
Version
Serial number (unique)
Signature algorithm identifier: hash algorithm (ex: MD5); identifies algorithm used to sign the certificate (ex: RSA)
Issuer's name: uniquely identifies issuer (CA)
Interval of validity
Subject's name: uniquely identifies subject (Alice)
Subject's public key
Signature (enciphered hash)
3DES widely used, 2DES is flawed
168 (3*56)-bit key; effective key size is 112 bits
Billions of billions computational power