Moein

security moein

Published in: Technology, Education

  1. Security in e-commerce
      Ahmad allahbakhshe
  2. Introduction
      • Security in e-commerce is a new subject
      • Security in e-commerce covers topics such as threats, risks, …
      • An important subject within e-commerce security: inter-network security
  3. Types of cryptographic mechanisms
      • Cryptography: the principles of encryption
      • Two types of cryptographic mechanisms:
          • Symmetric cryptosystem
          • Asymmetric cryptosystem
  4. Symmetric methods
      • Two types of symmetric methods:
          • Stream cipher
          • Block cipher
  5. Hash Functions
      • Characteristics
          • Given M, it is easy to compute h
          • Given h, it is hard to compute M such that H(M) = h
              • One-way characteristic
          • Given M, it is hard to find another message, M', such that H(M) = H(M')
              • Also called weak collision resistance
          • It is hard to find two random messages, M and M', such that H(M) = H(M')
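  6. Hash Functions
      [Figure: iterated hash function. The compression function f is applied in turn to the b-bit blocks Y_0, Y_1, …, Y_(m-1), each combined with the n-bit chaining variable, starting from IV = CV_0 and passing through CV_1, …, CV_(m-1); the final value is CV_m = H(M).]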
  7. MD5
      • Produces 128-bit hash codes
      • The input is processed in 512-bit blocks
          • Input message is padded to be an integer multiple of 448 (512-64)
              • Padding is a 1-bit followed by 0s
          • Append a 64-bit representation of the length of the input
              • If the input is greater than 2^64, only the low-order 64 bits of the length are used
          • Initialise the MD buffer (128 bits) to a fixed value
              • This buffer is used to hold intermediate and final results of the hash function (chaining variable)
          • Process all m 512-bit blocks with H_MD5 compression
  8. Strength of MD5
      • Every bit of the hash code is a function of every bit in the input
          • Brute force attack complexity is 2^128
          • Birthday attack complexity is 2^64
      • Considered cryptanalytically vulnerable
  9. Encryption algorithms
      • 1) DES
      • 2) AES
  10. History of DES
      • IBM develops Lucifer for banking systems (1970s)
          • NIST and NSA evaluate and modify Lucifer (1974)
      • Modified Lucifer adopted as federal standard (1976)
          • Name changed to Data Encryption Standard (DES)
          • Defined in FIPS (46-3) and ANSI standard X9.32
      • NIST defines Triple DES (3DES) (1999)
          • Single DES use deprecated - only legacy systems.
      • NIST approves Advanced Encryption Std. (AES) (2001)
          • AES will replace DES and 3DES.
  11. DES
      • Block length = 64 bits (L, R of 32 bits each)
      • Key length = 56 bits (8 parity bits)
          • 16 subkeys of 48 bits each are created for the 16 rounds
  12. DES
      • Block length is the same as DES, but 3 DES steps are used.
      • Key length = 168 bits
          • Uses a 56-bit key for each of the 3 DES stages
      • Keys may be independent or related
          • If k1 = k2 = k3, 3DES is compatible with DES.
  13. AES
      • The RSA Cryptosystem
          • Proposed by Rivest, Shamir, and Adleman (1977)
          • Used for encryption and signature schemes
          • Based on the intractability of the integer factorization problem
          • Key generation
              • Let p, q be large primes, n = pq and ø(n) = (p-1)(q-1)
              • Choose e randomly s.t. gcd(e, ø(n)) = 1
              • Compute d = e^-1 mod ø(n)
              • Public key: (e, n)
              • Private key: (d, n)
              • RSA function: f(m) = m^e mod n
  14. AES
          • Key generation
              • Let p, q be large primes, n = pq and ø(n) = (p-1)(q-1)
              • Choose e randomly s.t. gcd(e, ø(n)) = 1
              • Compute d = e^-1 mod ø(n)
              • Public key: (e, n)
              • Private key: (d, n)
              • RSA function: f(m) = m^e mod n
  15. AES
      [Figure: RSA encryption and decryption]
      • Encryption: M → E → C, using public key KUa: E_KUa(M) = M^e (mod n)
      • Decryption: C → D → M, using private key KRa: D_KRa(C) = C^d (mod n)
      • n = pq
      • d*e = 1 (mod ø(n))
      • Private key KRa = (d, n)
      • Public key KUa = (e, n)
  16. Public Key
      • Here we go again!!
      • Exchange key in person
      • Verify the public key
          • Via telephone
              • using the key’s fingerprint, which is considerably shorter
      • Obtain public key through a trusted third party
          • Person or authority
  17. Types of attack
      • Ciphertext-only attack
          • The attacker only has a few ciphertexts to use
      • Known-plaintext attack
          • The attacker possesses a few ciphertexts and the corresponding plaintexts
      • Chosen-plaintext attack
          • As in the known-plaintext attack, plus the attacker can choose the plaintext that gets encrypted (more powerful)
      • Adaptive-chosen-plaintext attack
          • As in the chosen-plaintext attack, plus the attacker can modify the choice based on the results of previous encryptions
  18. Brute Force Attacks
      • All cryptosystems can be broken with a ciphertext-only attack, aka brute force attack
          • It doesn't apply to OTP
      • Brute force attack
          • Try all possible keys
          • Try all possible plaintexts (dictionary attack for passwords)
          • Complexity
      • Complexity of the attack
          • Data complexity, processing complexity, storage requirements
  19. Firewalls
      • A firewall is a barrier placed between the private network and the outside world.
      • All incoming and outgoing traffic must pass through it.
      • Types of firewall:
          • Router-based
          • Host-based
  20. Secure Protocols
      • SSL
      • SET
      • S/MIME
      • TLS
      • SSH
      • And …
  21. SSL
      • Originally designed for TCP
          • Assumes reliable delivery of packets
          • Cannot run on UDP or IP
      • Other SSL variants work over UDP
          • Microsoft’s STLP
          • WAP Forum’s WTLS
  22. SSL
      • Three purposes:
          • Agree on a set of algorithms to be used in the communication
          • Establish the key to be used with the above algorithms
          • Optionally authenticate the client
  23. SET
      • Developed by Visa and MasterCard
      • Designed to protect credit card transactions
      • Confidentiality: all messages encrypted
      • Trust: all parties must have digital certificates
      • Privacy: information made available only when and where necessary
  24. SET
  25. S/MIME
      • Uses encryption
          • both symmetric and public key strategies
      • Symmetric key is transmitted with the message
      • Shared secret is encoded using public key of the recipient
      • Uses digital signatures to protect against tampering and forgery
  26. S/MIME
      • Problems with RFC 822
          • Cannot send binaries and executables
          • Limited to 7-bit ASCII
          • Oversized emails could be rejected
          • Encoding problems
      • MIME introduces five new header fields
          • Allows new content and multiple content
          • Defines transfer encodings for message bodies
  27. S/MIME Versions
      • Version 2
          • widely implemented but limited
              • 40-bit keys (the RC2 algorithm)
              • RSA-patented symmetric algorithms
      • Version 3
          • currently in IETF draft
              • uses Diffie-Hellman instead of RSA technology
              • support for strong encryption
  28. TLS
      • The TLS protocol comes from lessons learned from the SSL and PCT protocols
      • Very similar to the SSL v3 protocol
      • The TLS v1.0 protocol is described in RFC 2246
      • The TLS protocol is composed of two layers:
          • TLS record protocol
          • TLS handshake protocol
  29. TLS
      • The primary goal of the TLS Protocol is to provide privacy and data integrity between two communicating applications.
      • Goals of TLS
          • Cryptographic security
          • Interoperability
          • Extensibility
          • Relative efficiency
  30. SSH
      • SSH provides secure replacements for rsh, rlogin, rcp, ftp, and telnet, all of which transmit data over the network as clear text
      • The SSH protocol was developed in 1995 to address the various security issues associated with the "r-commands"
      • Developed by Tatu Ylönen, a researcher at the Helsinki University of Technology
  31. SSH
      • SSH protocol is based on a client/server architecture
          • A user who wants to connect to a remote host will execute the ssh command (the client) on his local machine
          • It will connect to the remote computer's ssh daemon (the server)
      • There are two primary versions of the SSH protocol
          • SSH-1
          • SSH-2
  32. Payment Gateway
      • Decrypt the digital license to obtain and decrypt the symmetric key block
      • Verify the vendor's signature
      • Decrypt the digital payment to obtain and decrypt the symmetric key block
  33. IPSec—IP Security
      • Provide encryption and integrity protection to IP packets (and authentication of two peers).
          • AH (Authentication Header)
              • An additional header, provides integrity protection
          • ESP (Encapsulating Security Payload)
              • Also an additional header, provides encryption and integrity protection
          • IKE (Internet Key Exchange)
              • Establishing session keys (used for AH & ESP) as well as authentication.
          • Both AH and ESP are called IPSec Headers.
          • Authentication: users and data.
  34. Security Associations (SA)
      • Provide encryption and integrity protection to IP packets (and authentication of two peers).
          • AH (Authentication Header)
              • An additional header, provides integrity protection
          • ESP (Encapsulating Security Payload)
              • Also an additional header, provides encryption and integrity protection
          • IKE (Internet Key Exchange)
              • Establishing session keys (used for AH & ESP) as well as authentication.
          • Both AH and ESP are called IPSec Headers.
          • Authentication: users and data.
  35. IPSec mode usage
      • Transport mode is used when IPSec is used end-to-end
      • Tunnel mode is used between firewalls or endnode and firewall. (Example)
      • Combination of multiple modes
      • In tunnel mode, the original IP packet will be kept intact (not really?).
  36. IKE phases
      • Phase 1
          • Performs mutual authentication and establishes session keys (used in phase 2) by key exchange; the result is called the IKE SA
              • How about authentication:
                  • Pre-shared secret key
                  • Public encryption key
                  • Public signature key
              • Establishes session key
                  • Diffie-Hellman key exchange,
                  • protected by above keys.
  37. IKE phases
      • Phase 2
          • Establish multiple session keys, such as ESP SA, AH SA, …
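  38. IKE phase 1—main mode
      [Figure: message exchange between Alice and Bob]
      • Alice → Bob: Crypto suites I support
      • Bob → Alice: Crypto suite I choose
      • Alice → Bob: g^a mod p
      • Bob → Alice: g^b mod p
      • Alice → Bob: g^ab mod p{“Alice”, proof I am Alice}
      • Bob → Alice: g^ab mod p{“Bob”, proof I am Bob}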
  39. IKE phase 2
      • Any party can initiate a quick mode exchange to set up an ESP SA or AH SA
          • Negotiating crypto parameters
          • Optionally doing a Diffie-Hellman exchange (if perfect forward secrecy is desired)
          • Negotiating what traffic will be sent on the SA
  40. Thank you
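
The RSA key generation and the encryption, decryption and signature operations of slides 13 to 15, carried through with the slides' own symbols (p, q, n, ø(n), e, d). This is an added example, not part of the original slides; the function names and the toy primes 61 and 53 are constructed for illustration and are far too small for real use.

```python
import math
import secrets

def generate_keys(p, q, e=None):
    """Slide 13 key generation: n = pq, phi = (p-1)(q-1), d = e^-1 mod phi."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if e is None:
        # Choose e at random until gcd(e, phi) = 1.
        while True:
            e = secrets.randbelow(phi - 3) + 3      # 3 <= e < phi
            if math.gcd(e, phi) == 1:
                break
    elif math.gcd(e, phi) != 1:
        raise ValueError("e must satisfy gcd(e, phi) = 1")
    d = pow(e, -1, phi)            # modular inverse, so d*e = 1 (mod phi)
    return (e, n), (d, n)          # public key KUa, private key KRa

def encrypt(public_key, m):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)            # E_KUa(M) = M^e mod n

def decrypt(private_key, c):
    d, n = private_key
    return pow(c, d, n)            # D_KRa(C) = C^d mod n

def sign(private_key, m):
    d, n = private_key
    return pow(m, d, n)            # signature: the private-key operation on m

def verify(public_key, m, s):
    e, n = public_key
    return pow(s, e, n) == m % n   # anyone holding (e, n) can check it

# Constructed toy parameters (assumption of this example, not from the slides).
PUBLIC, PRIVATE = generate_keys(61, 53, e=17)

if __name__ == "__main__":
    c = encrypt(PUBLIC, 65)
    print("public:", PUBLIC, "private:", PRIVATE)
    print("ciphertext:", c, "decrypted:", decrypt(PRIVATE, c))
    # The RSA function is deterministic: equal plaintexts give equal
    # ciphertexts, which is why deployed RSA adds randomized padding.
    print("deterministic:", encrypt(PUBLIC, 65) == c)
```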
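
The Diffie-Hellman and identity messages of the main-mode exchange on slide 38, with the pre-shared secret key of slide 36 as the authentication method, simulated for both sides. This is an added, simplified example and not the IKE wire format: the toy prime, the HMAC used as the "proof", and the SHAKE-256 keystream standing in for encryption under g^ab mod p are all assumptions of this sketch.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1      # toy-size prime, constructed for the demo (not a real IKE group)
G = 3

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2            # 2 <= priv <= P-2
    return priv, pow(G, priv, P)                   # (a, g^a mod p)

def session_key(own_priv, peer_pub):
    if not 2 <= peer_pub <= P - 2:                 # reject degenerate public values
        raise ValueError("invalid DH public value")
    shared = pow(peer_pub, own_priv, P)            # g^ab mod p
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def proof(psk, identity, sender_pub, receiver_pub):
    # "proof I am <identity>": MAC keyed with the pre-shared secret over the exchange
    data = identity + sender_pub.to_bytes(16, "big") + receiver_pub.to_bytes(16, "big")
    return hmac.new(psk, data, hashlib.sha256).digest()

def seal(key, direction, payload):
    # Stand-in for K{...}: XOR with a keystream, a separate one per direction.
    stream = hashlib.shake_256(key + direction).digest(len(payload))
    return bytes(x ^ y for x, y in zip(payload, stream))

def check(psk, key, direction, message, sender_pub, receiver_pub):
    opened = seal(key, direction, message)         # XOR is its own inverse
    identity, tag = opened[:-32], opened[-32:]
    expected = proof(psk, identity, sender_pub, receiver_pub)
    return hmac.compare_digest(tag, expected)

def main_mode(alice_psk, bob_psk):
    """Messages 3 to 6 of slide 38; True only if both proofs verify."""
    a, ga = dh_keypair()                           # Alice -> Bob: g^a mod p
    b, gb = dh_keypair()                           # Bob -> Alice: g^b mod p
    k_alice, k_bob = session_key(a, gb), session_key(b, ga)
    # Alice -> Bob: K{"Alice", proof I am Alice}
    msg5 = seal(k_alice, b"A>B", b"Alice" + proof(alice_psk, b"Alice", ga, gb))
    bob_accepts = check(bob_psk, k_bob, b"A>B", msg5, ga, gb)
    # Bob -> Alice: K{"Bob", proof I am Bob}
    msg6 = seal(k_bob, b"B>A", b"Bob" + proof(bob_psk, b"Bob", gb, ga))
    alice_accepts = check(alice_psk, k_alice, b"B>A", msg6, gb, ga)
    return bob_accepts and alice_accepts

if __name__ == "__main__":
    print("same pre-shared key:", main_mode(b"constructed-psk", b"constructed-psk"))
    print("mismatched key:", main_mode(b"constructed-psk", b"other-psk"))
```

Because each proof covers both public values, a party that substitutes its own g^a or g^b without knowing the pre-shared secret cannot produce a proof the peer accepts.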
