1. Security in Theory
Cryptography and Entity Authentication
29-01-2015 by Bart Van Bos - AllBits
3. Security Terminology
● Definitions
– Confidentiality - limit access to information
– Authentication - confirming the truth of an attribute
– Authorization - access control
– Non-repudiation - unable to deny an action
● Don't use the word authentication without defining it

                  Data                  Entities
Confidentiality   encryption            anonymity
Authentication    data authentication   identification
4. Cryptology Basic Principles
● Alice – Bob – Eve
[Figure: Alice feeds clear text into a CRYPTO box and sends the ciphertext (%^C&@&^() to Bob, whose CRYPTO box recovers the clear text; Eve sits on the channel and can listen or modify.]
6. Symmetric Encryption
● Confidentiality through encryption
– Stream ciphers
● RC4 – 1987 by Ron Rivest (MIT)
● E0 (Bluetooth) or A5/1 (GSM)
– Block ciphers
● DES and triple-DES
● AES
● Stream cipher
– Plain text digits are combined with a pseudo random cipher digit stream (key stream)
● Block cipher
– Fixed-length groups of bits, called blocks, with an unvarying transformation
8. Stream cipher key stream
● For a fixed key K and initial value IV, the stream cipher output is a deterministic function of the state
● A repetition of the state (for a given K, IV) leads to a repetition of the key stream and plain text recovery
● Exhaustive key search (2014)
– 2^40 instructions is easy, 2^60 is somewhat hard, 2^80 is hard, 2^128 is completely infeasible
– < 70 bits is insecure. 80 bits OK for 1 year. 100 bits for 20 years
10. AES Rijndael
● Advanced Encryption Standard
– Open competition launched by the US government in 1997 to replace DES
● Joan Daemen and Vincent Rijmen
● Graduated at ESAT KUL
– 128 bit block cipher with key of 128/192/256 bits
– As strong as triple DES
● More efficient
● Royalty free
11. Symmetric Data Hashing
● Data authentication through Hashing
– A hash function is a one way function
– Hash functions without a key
● MDC (Manipulation Detection Code)
– MD5: collisions in 2^30 steps
– SHA-1: collisions in 2^69 steps
– SHA-3 (Keccak – BE 2013): collisions in 2^256 steps
– Hash functions with a secret key
● MAC (Message Authentication Code)
12. Data authentication with MDC
● Protect a short hash value rather than the long text
● Pre-image resistance
– Given y, hard to find x such that hash(x) = y
– Hard to find x' ≠ x such that hash(x') = hash(x)
[Figure: a long input string ("This is an input to a cryptographic hash function. The input is a very long string, that is reduced by the hash function to a string of fixed length. There are additional security conditions: it should be very hard to find an input hashing to a given value (a pre-image) or to find two colliding inputs (a collision).") is reduced by HASH to the fixed-length value 7E6FD7198A198FB3C]
● (MD5)
● (SHA-1)/256/512
● RIPEMD-160
● SHA-3 (BE design)
13. MAC Algorithms
● Alice – Bob – Eve
[Figure: Alice computes a MAC over the clear text and sends clear text plus MAC to Bob, who runs VERIFY on the received pair; Eve can modify the channel.]
14. Data authentication with MAC
● Protection of authenticity of long messages => protection of secrecy of short key
● Add MAC to the plain text
● Birthday attacks: security level smaller than expected
[Figure: a long input string ("This is an input to a MAC algorithm. The input is a very long string, that is reduced by the hash function to a string of fixed length. There are additional security conditions: it should be very hard for someone who does not know the secret key to compute the hash function on a new input.") is reduced by HASH to the fixed-length value 7E6FD7198A198FB3C]
● CBC-MAC (3DES)
● HMAC (AES)
● GMAC
15. Cipher Block Chaining MAC
● MAC algorithms
– Banking: CBC-MAC based on triple DES
– Internet: HMAC and CBC-MAC based on AES
– Initial Vector should be random and secret
[Figure: CBC-MAC chain. IV is XORed with plain block 1 and encrypted with AES under K to give cipher block 1; each following plain block i is XORed with cipher block i-1 and encrypted with AES under K; the last cipher block n is the MAC.]
17. Why Public-key Cryptology?
● Limitation of symmetric cryptology
– Reduce security of information to security of keys
– But how to establish these secret keys?
● Cumbersome and expensive
● Risky: all keys in one place
– Do we really need to establish secret keys?
18. Public Key Encryption
● Public key cryptology: encryption
[Figure: Alice encrypts clear text with Bob's public key in a CRYPTO box and sends the ciphertext (%^C&@&^(); Bob decrypts with his private key; Eve can only listen.]
19. Public Key Digital signatures
● Public key cryptology: digital signature
[Figure: Alice signs with her private key in a CRYPTO box and sends the signed text; Bob verifies with Alice's public key; Eve can try to modify the channel.]
20. Key transport using RSA
● RSA protocol (1978 - Rivest, Shamir and Adleman)
– The security of RSA is based on the fact that it is easy to generate two large primes, but that it is hard to factor their product
● encryption: c = m^e mod n
● decryption: m = c^d mod n
– How does Bob know that k is coming from Alice?
● In reality as Alice you'll use a password or credit card number to identify yourself to Amazon
– What happens if private server key SKB is leaked or requested by the NSA or hackers? All historical data can be read → no forward secrecy!
[Figure: Alice generates k, encrypts with PKB and signs with SKA, sending Sig_SKA{E_PKB(k || tA)}; Bob decrypts using SKB to obtain k and verifies using PKA.]
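The key transport of slide 20 as an added Python example (not the author's code and not a library's API): textbook RSA with c = m^e mod n, Alice sending Sig_SKA{E_PKB(k || tA)}, Bob verifying and decrypting, and Eve recovering k from a recorded transcript once SK_B leaks. The 512-bit key size, the timestamp and the session key are constructed toy values, and there is no padding, so this is a teaching model of the slide, not a usable implementation.

```python
import hashlib
import secrets

# Added example (not from the slides): slide 20's key transport Sig_SKA{E_PKB(k || tA)}
# on textbook RSA (c = m^e mod n, no padding) with toy 512-bit keys, plus the
# "no forward secrecy" point: a recorded transcript and a later-leaked SK_B give k.

E = 65537                    # public exponent
K_LEN, T_LEN = 16, 8         # bytes in the session key k and the timestamp tA
N_LEN = 64                   # bytes in a 512-bit modulus
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits: int) -> int:
    """Random prime with exactly `bits` bits and gcd(p - 1, E) == 1."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if (cand - 1) % E != 0 and is_probable_prime(cand):
            return cand

def rsa_keygen(bits: int = 512):
    """Two large primes are easy to generate; return ((n, e), (n, d))."""
    p = random_prime(bits // 2)
    q = random_prime(bits // 2)
    while q == p:
        q = random_prime(bits // 2)
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest_int(c: int) -> int:
    """SHA-256 of the ciphertext as an integer; 256 bits, so below any 512-bit n."""
    return int.from_bytes(hashlib.sha256(c.to_bytes(N_LEN, "big")).digest(), "big")

def alice_send(k: bytes, t_a: int, pk_b, sk_a):
    """Alice: encrypt k || tA with PK_B, then sign that ciphertext with SK_A."""
    m = int.from_bytes(k + t_a.to_bytes(T_LEN, "big"), "big")   # 192 bits < n
    n_b, e_b = pk_b
    c = pow(m, e_b, n_b)                    # encryption: c = m^e mod n
    n_a, d_a = sk_a
    return c, pow(digest_int(c), d_a, n_a)  # Sig_SKA over E_PKB(k || tA)

def bob_receive(c: int, sig: int, sk_b, pk_a):
    """Bob: verify with PK_A (is k from Alice?), then decrypt with SK_B."""
    n_a, e_a = pk_a
    if pow(sig, e_a, n_a) != digest_int(c):
        raise ValueError("signature does not verify under PK_A")
    n_b, d_b = sk_b
    m = pow(c, d_b, n_b).to_bytes(K_LEN + T_LEN, "big")   # decryption: m = c^d mod n
    return m[:K_LEN], int.from_bytes(m[K_LEN:], "big")

def eve_reads_later(recorded_c: int, leaked_sk_b) -> bytes:
    """Eve kept the transcript; once SK_B leaks, every past k falls out of it."""
    n_b, d_b = leaked_sk_b
    return pow(recorded_c, d_b, n_b).to_bytes(K_LEN + T_LEN, "big")[:K_LEN]

def run_protocol() -> dict:
    """One key transport, one tampering attempt, one later key compromise."""
    (pk_a, sk_a), (pk_b, sk_b) = rsa_keygen(), rsa_keygen()
    k, t_a = secrets.token_bytes(K_LEN), 1_422_489_600   # constructed k and tA
    c, sig = alice_send(k, t_a, pk_b, sk_a)
    k_bob, t_bob = bob_receive(c, sig, sk_b, pk_a)
    try:
        bob_receive(c, sig ^ 1, sk_b, pk_a)              # Eve flips a signature bit
        tampered_accepted = True
    except ValueError:
        tampered_accepted = False
    return {"k": k, "k_bob": k_bob, "t_a": t_a, "t_bob": t_bob,
            "k_eve": eve_reads_later(c, sk_b), "tampered_accepted": tampered_accepted}
```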
21. Key transport using STS
● Station to Station (STS) protocol
– Diffie-Hellman: first published in 1976
– Before: Alice & Bob never met and share no secrets
– After: Alice & Bob share short term key k
● Eve cannot compute k (discrete logarithm problem)
● Provides perfect forward secrecy
[Figure, message flow: Alice generates x and sends α^x; Bob generates y and sends α^y together with SigB(α^y, α^x); Alice computes k = (α^y)^x, checks SigB and sends SigA(α^x, α^y); Bob computes k = (α^x)^y and checks SigA.]
22. Public key cryptology
● Advantages
– Protection of information => authenticity of public keys
– Confidentiality without secret keys: open environment
– Data authentication without shared secret keys: digital signature
● Disadvantages
– Calculation in HW/SW is 2 to 3 orders of magnitude slower than symmetric algorithms
– Longer keys: 1024 bits instead of 56 ... 128
25. Entity Authentication
● Entity Authentication - one party corroborates the identity of another party and the fact that this party is alive (active) during the protocol
[Figure: Alice: "Hello Bob, I am Alice"; Bob: "Why should I believe her?"]
26. Entity Authentication Elements
● What someone knows
– Password, PIN code
● What someone has
– Magnetic stripe card, smart card
● What someone is (biometrics)
– Fingerprint, retina, hand shape...
● How someone does something
– Manual signature, typing pattern
● Where someone is
– Dial back, location based services (GSM, Galileo)
[Figure: example password Xur%9pLr]
27. Password identification
● Bob stores hash(P) rather than P
● Eve can guess the password P
● Eve can eavesdrop the channel and learn Alice's password
[Figure: Alice → Bob: "Hello Bob, I am Alice. My password P is Xur%9pLr"; Bob applies the one-way hash f to P and compares with the stored entry "Alice: f(Xur%9pLr)"; Bob: OK!]
28. Password identification
● Every user gets a random, publicly known salt S.
● Bob stores hash(P,S)||S rather than P
● It's harder to attack the passwords of all users simultaneously
[Figure: Alice → Bob: "Hello Bob, I am Alice. My password P is Xur%9pLr"; Bob computes the one-way hash f(P || S) with the stored salt S and compares with the stored entry "Alice: f(Xur%9pLr || 987&*) || 987&*"; Bob: OK!]
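The storage scheme of slide 28, f(P || S) || S with a random public salt per user, as an added Python example (not from the slides). The slide's generic one-way f is instantiated here with PBKDF2-HMAC-SHA256 so that the guessing attack of slide 27 is slowed down as well; the password is the slide's own Xur%9pLr, the salt length and iteration count are my choices.

```python
import hashlib
import hmac
import secrets

# Added example (not from the slides): Bob stores f(P || S) || S (slide 28).
# f is PBKDF2-HMAC-SHA256 here; the slide leaves f as a generic one-way hash.

ITERATIONS = 200_000   # work factor against guessing; chosen for this example
SALT_LEN = 16          # bytes of random, publicly known salt S per user


def f(password: str, salt: bytes) -> bytes:
    """f(P || S): slow, salted one-way function."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(password: str) -> bytes:
    """What Bob stores for one user: f(P || S) || S."""
    salt = secrets.token_bytes(SALT_LEN)
    return f(password, salt) + salt


def check_password(record: bytes, attempt: str) -> bool:
    """Bob re-derives f(attempt || S) from the stored S and compares in constant time."""
    stored, salt = record[:-SALT_LEN], record[-SALT_LEN:]
    return hmac.compare_digest(stored, f(attempt, salt))


def unsalted_record(password: str) -> bytes:
    """Slide 27's scheme, hash(P) only, kept for contrast."""
    return hashlib.sha256(password.encode()).digest()


def demo() -> dict:
    """Two users who happen to share the password from the slides."""
    p = "Xur%9pLr"
    rec_a, rec_b = make_record(p), make_record(p)
    return {
        "login_ok": check_password(rec_a, p),
        "wrong_password": check_password(rec_a, "Xur%9pLs"),
        # without salt both users get the same stored value, so one guess
        # (or one precomputed table) tests every user at once ...
        "unsalted_equal": unsalted_record(p) == unsalted_record(p),
        # ... with a per-user salt the records differ, so each user must be
        # attacked separately
        "salted_equal": rec_a == rec_b,
    }
```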
29. Human memory is limited
● Store key K on magnetic stripe, USB keys or hard disk
● Stops guessing attacks
● But does not solve the other problems related to passwords
● And you identify the card, not the user
● Possibility of replay: liveliness is missing
30. Static Data Authentication
● Replace K by a signature of a third party CA (Certificate Authority) on Alice's name: SigSKCA(Alice)
● Advantages
– Can be verified using public string PKCA
– Can only be generated by CA
● Disadvantages
– Possibility of replay, because liveliness is missing
– Can still be copied/intercepted
– Signature = 40...128 bytes
[Figure, example certificate: DN: cn=Alice, o=KBC, c=BE; Serial #: 8391037; Start: 3/02/13 1:00; End: 3/02/14 00:59; CRL: cn=BCC, o=EMV, c=BE; CA DN: o=EMV, c=BE]
31. Identification symmetric token
● Challenge response protocol
– Eavesdropping no longer effective
– Bob still needs to have the secret key K
– Detects whether Alice is alive!
[Figure: Bob → Alice: random number r; Alice → Bob: MACK(r); both Alice and Bob hold the secret key K; Bob: OK!]
32. Identification symmetric token
● With implicit challenge from clock
– Eavesdropping no longer effective (no challenge)
– Bob still needs to have the secret key K
– Resynchronization mechanism needed
[Figure: Alice → Bob: MACK(time); both Alice and Bob hold the secret key K; Bob: OK!]
http://allthingsd.com/20110404/rsa-explains-how-it-was-hacked
http://www.computerworld.com/article/2511297/security0/diginotar-dies-from-certificate-hack-caper.html
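The two symmetric-token protocols of slides 31 and 32 as one added Python example (not the author's code): an explicit random challenge r answered with MACK(r), where each r is accepted once so that an eavesdropped response cannot be replayed, and the implicit clock challenge MACK(time) with the resynchronization window the slide calls for. HMAC-SHA256 stands in for MACK; the key, the 30-second step and the clock values are constructed.

```python
import hashlib
import hmac
import secrets

# Added example (not from the slides): symmetric-token identification as on
# slides 31 (MAC_K(r)) and 32 (MAC_K(time)). Alice's token and Bob's verifier
# share K; HMAC-SHA256 plays MAC_K. All values are constructed for the example.

TIME_STEP = 30  # seconds per clock step for the implicit challenge (slide 32)


def mac(key: bytes, msg: bytes) -> bytes:
    """MAC_K(msg)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


class Token:
    """Alice's token: holds K and answers challenges."""

    def __init__(self, key: bytes):
        self.key = key

    def respond(self, r: bytes) -> bytes:
        return mac(self.key, r)                       # slide 31: MAC_K(r)

    def respond_time(self, now: int) -> bytes:
        step = now // TIME_STEP                       # slide 32: MAC_K(time)
        return mac(self.key, step.to_bytes(8, "big"))


class Verifier:
    """Bob: also holds K, issues challenges and checks responses."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = set()    # challenges issued but not yet answered
        self.last_step = -1     # newest clock step already accepted

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)        # fresh random r: proves liveliness
        self.pending.add(r)
        return r

    def verify_response(self, r: bytes, response: bytes) -> bool:
        if r not in self.pending:
            return False                   # unknown r, or a replay of a used one
        self.pending.discard(r)            # every r is accepted at most once
        return hmac.compare_digest(mac(self.key, r), response)

    def verify_time_response(self, response: bytes, now: int, drift: int = 1) -> bool:
        """Resynchronization: accept a token step within +/-drift of Bob's clock,
        but never a step at or before one that was already accepted."""
        step = now // TIME_STEP
        for cand in range(step - drift, step + drift + 1):
            if cand <= self.last_step:
                continue
            expected = mac(self.key, cand.to_bytes(8, "big"))
            if hmac.compare_digest(expected, response):
                self.last_step = cand
                return True
        return False


def demo() -> dict:
    """Run both protocols once, including Eve replaying captured responses."""
    key = secrets.token_bytes(32)          # K, provisioned to both sides out of band
    alice, bob = Token(key), Verifier(key)
    out = {}
    r = bob.challenge()
    resp = alice.respond(r)
    out["challenge_ok"] = bob.verify_response(r, resp)
    out["challenge_replay"] = bob.verify_response(r, resp)     # Eve replays: rejected
    t0 = 1_700_000_000                     # Bob's clock (constructed value)
    resp_t = alice.respond_time(t0)
    out["time_ok"] = bob.verify_time_response(resp_t, t0)
    out["time_replay"] = bob.verify_time_response(resp_t, t0)  # same step again: rejected
    # token clock 35 s ahead: one step off, absorbed by resynchronization
    out["time_drift_ok"] = bob.verify_time_response(alice.respond_time(t0 + 35), t0)
    # token clock 120 s ahead: four steps off, outside the window
    out["time_drift_far"] = bob.verify_time_response(alice.respond_time(t0 + 120), t0)
    return out
```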
33. Identification public key token
● Use private key to sign the challenge r
● Eavesdropping no longer effective
● Bob no longer needs a secret – only PKA
● Most expensive (€ and time)
[Figure: Bob → Alice: random number r; Alice → Bob: SigSKA(r); Alice holds SKA, Bob holds only PKA; Bob: OK!]
34. Overview Identification Protocols
                      Guess   Eavesdrop      Impersonation   Secret info   Security
                              (liveliness)   by Bob          for Bob
Password              -       -              -               -             1
Magnetic stripe (SK)  +       -              -               -             2
Magnetic stripe (PK)  +       -              -               +             3
Dynamic PW            +       +              -               -             4
Smart Card (SK)       +       +              -               -             4
Smart Card (PK)       +       +              +               +             5
35. Entity authentication in practice
● Phishing – mutual authentication
● 2 stage authentication: user → device, device → world
● Forward credentials – biometry
● Interrupt after initial authentication – authenticated key establishment (session key to encrypt data)
● Mafia fraud – distance bounding
● Protocol errors – check that local device authentication is linked to the entity authentication protocol
https://www.youtube.com/watch?v=JPAX32lgkrw
http://www.cl.cam.ac.uk/research/security/banking/nopin
41. TLS Key Management Options
➢ DH Diffie-Hellman
➢ DHE Ephemeral DH
➢ x/y generated each time
➢ perfect forward secrecy
➢ DSS Digital Signature Standard (DSA)
➢ RSA Rivest-Shamir-Adleman
➢ EC Elliptic Curve (shorter keys)
➢ TLS 1.0 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA1
➢ TLS 1.2 TLS_RSA_WITH_AES_128_CBC_SHA1
Key exchange (TLS 1.0):
– anonymous – man-in-the-middle: DH_anon
– not anonymous, server authentication only: RSA, DH_DSS, DH_RSA, DHE_DSS, DHE_RSA
– not anonymous, server and client authentication: RSA, DH_DSS, DH_RSA, DHE_DSS, DHE_RSA
TLS 1.2 adds: ECDHE_ECDSA
42. Current SSL & TLS usage
● Top 1 Million websites October 2014
– Removal of SSLv3 browser support blocked
– 96.9% still support SSLv3
– Only 34.2% support TLSv1.2
https://zmap.io/sslv3/#affected
[Pie chart: highest supported TLS version (HTTP Only, SSLv3, TLS 1.0, TLS 1.1, TLS 1.2); slices of 41.21%, 0.12%, 24.02%, 0.40% and 34.24% (TLS 1.2)]
No TLS support! citibank.com, marketwatch.com, clkmon.com, inclk.com, informer.com, billdesk.com
44. Conclusions
● Properties of protocols are subtle
● Many standardized protocols exist
– ISO/IEC, IETF
● Difficulty: which properties are needed for a specific application
● Rule #1 of protocol design – DON'T
– Not even by simplifying existing protocols
45. References
● A.J. Menezes, P.C. van Oorschot, S.A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.
– http://www.cacr.math.uwaterloo.ca/hac
● N. Smart, Cryptography, An Introduction: 3rd Ed, 2008. Solid and up to date but on the mathematical side.
– http://www.cs.bris.ac.uk/~nigel/Crypto_Book
● Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, Frank Stajano: The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes.
– IEEE Symposium on Security and Privacy 2012: 553-567
46. Q&A
● Thanks for your attention
Email: bartvanbos@allbits.eu
LinkedIn: http://lnkd.in/Kre-kR