Public-key cryptography uses message authentication codes (MACs) and digital signatures to verify the authenticity and integrity of messages. MACs are calculated using a secret key shared between the sender and receiver. Digital signatures are generated using the sender's private key and can be verified by the receiver using the sender's public key. Common MAC algorithms include HMAC, which uses a cryptographic hash function combined with a secret key. Asymmetric encryption algorithms like RSA enable confidential communication by encrypting messages with the public key while only the holder of the private key can decrypt.
This is some basic information about Double Ratchet Algorithm.
It does not include any code but helps in how Actually Double Ratchet Works on ground level.
This is some basic information about Double Ratchet Algorithm.
It does not include any code but helps in how Actually Double Ratchet Works on ground level.
The presentation covers the topic concerned with message authentication code, which is used to verify the message integrity (Message is modified or not?).
HASH FUNCTIONS AND DIGITAL SIGNATURES
Authentication requirement – Authentication function – MAC – Hash function – Security of hash function and MAC –MD5 – SHA – HMAC – CMAC – Digital signature and authentication protocols – DSS – EI Gamal – Schnorr.
The presentation covers the topic concerned with message authentication code, which is used to verify the message integrity (Message is modified or not?).
HASH FUNCTIONS AND DIGITAL SIGNATURES
Authentication requirement – Authentication function – MAC – Hash function – Security of hash function and MAC –MD5 – SHA – HMAC – CMAC – Digital signature and authentication protocols – DSS – EI Gamal – Schnorr.
Public Key Cryptography and RSA algorithmIndra97065
Public Key Cryptography and RSA algorithm.Explanation and proof of RSA algorithm in details.it also describer the mathematics behind the RSA. Few mathematics theorem are given which are use in the RSA algorithm.
This material covers Authentication requirement, Authentication function, MAC, Hash function, Security of hash function and MAC, SHA, Digital signature and authentication protocols, DSS, Authentication protocols like Kerberos and X.509, entity authentication
This material covers Authentication requirement, Authentication function, MAC, Hash function, Security of hash function and MAC, SHA, Digital signature and authentication protocols, DSS, Authentication protocols like Kerberos and X.509, entity authentication
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
The design criteria behind TLS/SSL, presented at Cal Poly on 2010/6/3. An updated version of a previous talk, this presentation includes descriptions of the Null-byte certificate attack and the recent session renegotiation attack (both from 2009).
This presentation consists of the Seminar, provided by me in the partial fulfillment of my Bachelors Degree in G B Pant Engineering College. Seminar included information about Encryption, Decryption, Cryptosystems and Authenticity in crytosystem.
This presentation introduces the Basics of Cryptography and Network Security concepts. Heavily derived from content from William Stalling's book with the same title.
Information and network security 42 security of message authentication codeVaibhav Khanna
Message Authentication Requirements
Disclosure: Release of message contents to any person or process not possess- ing the appropriate cryptographic key.
Traffic analysis: Discovery of the pattern of traffic between parties. ...
Masquerade: Insertion of messages into the network from a fraudulent source
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
2. Authentication
• Requirements - must be able to verify that:
Message came from apparent source or author Authentic
Contents have not been altered message
Sometimes, it was sent at a certain time or sequence
• Protection against active attack (falsification of data and
transactions)
2
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
3. Approaches to Message Authentication
• Authentication Using Conventional Encryption
Only the sender and receiver should share a key
• Message Authentication without Message Encryption
An authentication tag is generated and appended to each message
• Message Authentication Code - MAC
The use of secret key to generate a small block of data, MAC
Or
Calculate the MAC as a function of the message and the key.
MAC = F(K, M)
3
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
4. Message Authentication Code
• Need not to be reversible
• A & B Share a common secret key KAB
• A send message to B
A calculates message authentication code as a function of the message
and the key.
MACM1 = F(KAB, M)
The message + MAC are transmitted to B.
B performs the same calculation on the recieved message, using same
KAB
MACM2 = F(KAB, M)
If MACM1 = F(KAB, M) = MACM2 = F(KAB, M)
– Message has not been altered
– From intended sender 4
– Addition of sequence number, give more surity
6. One-way HASH function
• Alternative to MAC
• Input: A variable size message
• Output: Fixed size message digest H(M)
• No secret Key
• Message digest is sent with message in such a way that message
digest is authentic
Using conventional encryption
Using Public-Key encryption
Using Secret Value
6
8. One-way HASH function cont.
• Secret value (known to sender and receiver both) is added before
calculating the hash and removed before transmission.
• Variation of this technique is HMAC
8
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
9. Secure HASH Functions
• Purpose of the one-way or secure HASH function is to produce a
”fingerprint” of a file, message or block of data
• Properties of a HASH function H :
§ H can be applied to a block of data at any size
§ H produces a fixed length output
§ H(x) is easy to compute for any given x.
§ For any given value h, it is computationally in-feasible to find x such
that H(x) = h one-way property / pre-image resistant
§ For any given block x, it is computationally infeasible to find
y ≠ x with H(y) = H(x) weak collision resistance
§ It is computationally infeasible to find any pair (x, y) such that
H(x) = H(y) strong collision resistance
9
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
10. Block cipher VS Hash function
• Block cipher – symmetric encryption method:
input: blocks of plain-text of a fixed length
output: blocks of cipher-text of the same length
• Hash function – both symmetric and asymmetric encryption method
input: binary string of arbitrary length
output: string of some fixed length
10
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
11. Other Secure HASH functions
SHA-1 MD5 RIPEMD-160
Digest length 160 bits 128 bits 160 bits
Basic unit of 512 bits 512 bits 512 bits
processing
Number of steps 80 (4 rounds of 64 (4 rounds of 160 (5 paired
20) 16) rounds of 16)
Maximum message 264-1 bits
size
11
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
12. HMAC
• A keyed-hash message authentication code, or HMAC, is a type of
message authentication code (MAC) calculated using a cryptographic
hash function in combination with a secret key.
• The cryptographic strength of the HMAC depends upon the cryptographic
strength of the underlying hash function and on the size and quality of the
key.
• An iterative hash function breaks up a message into blocks of a fixed size
and iterates over them with a compression function.
• Motivations:
Cryptographic hash functions executes faster in software than encryption
algorithms such as DES
Library code for cryptographic hash functions is widely available
No export restrictions from the US
12
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
13. HMAC
HMACK(m) = h((K ⊕ opad) ‖ h((K ⊕ ipad) ‖ m ))
• h is an iterated hash function,
• K is a secret key padded with extra zeros to the block size of the
hash function
• m is the message to be authenticated.
• ‖ denotes concatenation
• ⊕ denotes Exclusive Or (XOR)
• The two constants ipad and opad, each one block long, are defined
as ipad = 0x363636...3636 and opad = 0x5c5c5c...5c5c. That is, if
block size of the hash function is 512, ipad and opad are 64
repetitions of the (hexadecimal) bytes 0x36 and 0x5c respectively
13
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
14. HMAC Structure
Initialization Vector (IV):
a fixed-size input to a
cryptographic function. IV
is typically random or
pseudorandom
14
HMACK(m) = h((K ⊕ opad) ‖ h((K ⊕ ipad) ‖ m ))
ET2437 - Network Security
15. Public Key / Asymmetric Encryption
• Based on mathematical functions.
• The use of two separate keys has consequences in:
key distribution
confidentiality
authentication
• The scheme has six ingredients
Plain-text Encryption algorithm
Public Key Private Key
Cipher text Decryption algorithm
15
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
17. Encryption with Private Key (Authentication)
17
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
18. Applications for Asymmetric Encryption
• Encryption/Decryption: The sender encrypts a message with the
recipient’s public key.
• Digital signature: The sender ”signs” a message with its private
key.
• Key exchange: Both sides (i.e. Sender & Reciever) co-operate to
exchange a session key
18
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
19. Requirements for Asymmetric Encryption
1. Computationally easy for a party B to generate a pair (PUblic key
PUb, PRivate key PRb)
2. Easy for sender to generate cipher-text: C = E(Pub, M)
3. Easy for the receiver to decrypt cipher-text using private key:
M = D(PRb, C) = D[PRb, E(PUb, M)]
5. Computationally in-feasible to determine Private Key (PRb) knowing
Public Key (PUb)
6. Computationally infeasible to recover message M, knowing PUb and
cipher-text C
7. Either of the two related keys can be used for encryption, with the
other used for decryption:
19
M = D[PUb, E(PRb,M) = D[PRb, E(PUb,M)]
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
20. Asymmetric Cryptographic Algorithms
• RSA - Ron Rivest, Adi Shamir and Len Adleman at MIT, in 1977.
Published in 1978
RSA is a block cipher in which plaintext and ciphertext are integers
between 0 and n-1 for some n.
The most widely implemented
• Diffie-Hellman
Enable two users to exchange a secret key securely that can be used
for subsequent encryption message
Algorithm itself is limited to exchange of keys
Compute discrete logarithms
20
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
21. The RSA Algorithm
Encryption
• Plain-text: M<n
• Cipher-text: C = Me (mod n)
Decryption
• Cipher-text: C
• Plain-text: M = Cd (mod n) = Med mod n
• Both sender and reciever must know the values of n and e
• Only reciever knows the value of d
• Public Key PU = {e,n} and Private Key PR= {d,n}
21
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
22. The RSA Algorithm - Key Generation
Select p,q p and q both prime p=17, q=11
Calculate n=pxq 17 x 11 = 187
Calculate 16 x 10 = 160
Select integer e e=7
Calculate d d = 23
Public Key PU = {e,n} 7,187
Private key PR = {d,n} 23,187
22
23. Example of the RSA Algorithm
23
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
24. Other Algorithms
• Digital Signature Standard (DSS)
Makes use of the SHA-1
Not for encryption or key exchange
• Elliptic-Curve Cryptography (ECC)
Good for smaller bit size
Low confidence level, compared with RSA
Very complex
Decryption algorithm
24
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD
25. 25
ET2437 - Network Security
RAJA M KHURRAM SHAHZAD