Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Public Key

advertisement 
Public Key
 Data Encryption Standard (DES)
o US Govt. standard for encrypting large blocks of data;
o Both Sender and Receiver must have the same key to encrypt
and decrypt.
o Difficult to break computationally
o Unsuitable over the Internet; since the keys must be transmitted
over the insecure Internet
o Only useful for Bilateral communication
 RSA Public-Key Cryptography
o Each person has a private and a public key
o Private key is never transmitted over the network
o Sender uses his or her private key to create a digital signature
o The encrypted message is sent along with the sender’s public
key
o The recipient can verify the digital signature using the sender’s
public key
o Inefficient for large blocks of data like videos
 Pretty Good Privacy (PGP)
o Phil Zimmerman 1991
o PGP creates a random session key for the message
o IDEA algorithm to encrypt the message with the session key.
o RSA algorithm to encrypt the session key with recipient’s public
key
o Bundles the message and the session key together for
transmission

 Kerberos
o Embedded in any network protocol
o Mainly used by APP like telnet & ftp to provide host security
o Maintains a central database of secret keys
o Each user or service shares a secret key with Kerberos key
distribution center (KDC)
o All kerberos messages contains a checksum, this is checked on
decryption by the recipient.
o Difficult to secure the kerberos server itself.
 Solution to Public Key encryption overhead:
o Use public key encryption to distribute a randomly generated,
one-time “session” key that is used for all communications
 -> Secure Session Layer Solution (SSL)
o Client (Browser) and Server both support 1. Public Key
Encryption & 2. Single Key Encryption.
o When Browser connects to a “secure” service, a random bit
string is generated and communicated to the server using public
key encryption. From then on, all messages are
encrypted/decrypted using this SESSION “key”.
 EXAPLE
o Can John “stamp” a document so that only Mary can use it?
 Encrypt with Mary’s public key, no one else can decrypt it
except Mary
o How does Mary know the “stamped” doc. came from John?
2
 Encrypt it twice, first with Mary’s public key, then with
John’s Private Key. Mary can decrypt it with her private
key and John’s Public Key
 Other:
o In almost all cases, the use of the keys is hidden from the users
and built-in to the application software, i.e. https:, ssh sftp, …
o However, there is still the chance that a breakthrough in
computer speed (i.e. quantum computers) or algorithms could
change the landscape. We are already using more and more bits
in the keys as computers get faster.
 How can I be sure a digital document hasn’t been altered?
o Use a identifier like hash key -> encrypt it and send along with
message.
3
Related documents
Encryption Methods and algorithms
Encryption Methods and algorithms
Generic encryption
Generic encryption
Test 2
Test 2
security - UW Staff Web Server
security - UW Staff Web Server
E-business and Security
E-business and Security
QUIZ CMPE-553 15.04.2013 (90 min, 2 points)
QUIZ CMPE-553 15.04.2013 (90 min, 2 points)
GPG Encryption
GPG Encryption
Architecture schedule
Architecture schedule
SE Requirements Specification (1)
SE Requirements Specification (1)
Description
Description
Document
Document
Lecture 21
Lecture 21
Short answer questions - Campbell County Schools
Short answer questions - Campbell County Schools
End of Chapter Solutions Template
End of Chapter Solutions Template
- Tech Smart Solutions
- Tech Smart Solutions
1. Which of the following is correct with respect to customers
1. Which of the following is correct with respect to customers
Fully Collusion Resistant Traitor Tracing with Short Ciphertexts and Private Keys
Fully Collusion Resistant Traitor Tracing with Short Ciphertexts and Private Keys
Issue 73 Encryption Algorithm
Issue 73 Encryption Algorithm
Mary Mackillop!
Mary Mackillop!
Hwk #11
Hwk #11
Slides for Lec 1 - Computer Science and Engineering
Slides for Lec 1 - Computer Science and Engineering
FARSITE: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment
FARSITE: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment
Download
advertisement