SlideShare a Scribd company logo

Authentication: keys, MAC

Download as PPT, PDF
Shafaan Khaliq Bhatti
Shafaan Khaliq Bhatti

Authentication protocols allow communicating parties to verify each other's identities before exchanging confidential information. Digital signatures provide a way for senders to cryptographically sign messages in a way that cannot be forged or denied later. There are two main approaches: arbitrated signatures use a trusted third party to verify and time-stamp signatures, while direct signatures encrypt a hash of the message with the sender's private key for verification by the recipient. Key techniques like Diffie-Hellman key exchange, Kerberos, and public key infrastructures help enable secure authentication and signatures at scale.

Education
1 of 22
Authentication: keys, MAC, hashes, message digests, digital signatures
Topics • In a confidential communication the authenticity needs to be carefully established for: • �The two partners • �Before sending any confidential information one needs to be sure to whom it sends that information: authentication protocols • �The messages received by each partner • �One needs to be sure that the message received has not been modified –it coincides with the sent message: message authentication • �If the two partners do not quite trust each other, they need to make sure that the sender cannot later deny having sent the message and the receiver cannot have devised the message himself: digital signatures
I. Authentication protocols • Such protocols enable communicating parties to satisfy themselves mutually about each other’s identity and possibly, to exchange session keys • �Two central problems here: confidentiality and timeliness • �Essential identification information and the session keys must be communicated in encrypted form • �Because of the threat of replay, timeliness is essential here • �Replays could allow the attacker to get a session key or to impersonate another party • �At minimum, the attacker could disrupt operations by presenting parties with messages that appear genuine but are not – aims at a denial of service attack • �Two approaches are generally used to defend replay attacks • �Timestamps: A accepts a message as fresh only if it contains a timestamp that, in A’s judgment, is close enough to A’s knowledge of current time –clocks need to be synchronized • �Challenge/response: A, expecting a fresh message from B, first sends B a random number (challenge) and requires that the subsequent message (response) received from B contains that random number or some agree-upon transformation on it (this is also called hand-shaking sometimes
Authentication protocols and setting up secret keys A Direct authentication 1.Based on a shared secret master key 2.Based on a public-key system 3.Diffie-Hellman B. Mediated authentication 1.Based on key distribution centers 2.Kerberos
A1. Authentication based on a shared secret key • Assume here that A and B already share a secret key –this is called sometimes the master key MK because the two will only use this rarely, whenever they need to authenticate each other and establish a session key • �Master keys will only be used to establish session keys • �Concentrate here on how to establish session keys • �Protocol • �A issues a requests to B for a session key and includes a nonce N1 • �B responds with a message encrypted using the shared master key –include there the session key he selects, A’s id, a value f(N1) and another nonce N2 • �At this point, A is sure of B’s identity: only he knows the master key; B is not sure of anything yet • �Using the new session key, A return f(N2) to B • �B is sure of A’s identity: only A can read the message he sent, including the session key
A2. A general scheme of public-key authentication (and distribution of secret keys) • �Assume here that A and B know each other’s public key • �N1 and N2 in the scheme are random numbers –they ensure the authenticity of A and B (because only they can decrypt the messages and read N1 and N2) • �After Step 2, A is sure of B’s identity: right response to its challenge • �After Step 3, B is sure of A’s identity: right response to its challenge
A3. A concrete scheme: Diffie-Hellman key exchange • This is the first ever published public-key algorithm –used in a number of commercial products • Elegant idea: establish a secret key based on each other’s public keys • Protocol • Alice and Bob need to agree on two large numbers n,g, where n is prime, (n-1)/2 is also prime and some extra conditions are satisfied by g (to defeat math attacks) –these numbers may be public so Alice could generate this on her own� • Alice picks a large (say, 512-bit) number x and B picks another one, say y� • Alice initiates the key exchange protocol by sending Bob a message containing (n,g,g^xmod n)� • Bob sends Alice a message containing g^ymod n� • Alice raises the number Bob sent her to the x-th power mod n to get the secret key: (g^ymod n)^ x mod n=g^xy mod n� • Bob raises the number Alice sent to the y-thpower modulo n to get the secret key: (g^x mod n)^y mod n= g^xy mod n
B1. Authentication using key distribution centers (KDC) Authentication using key distribution centers (KDC) • �Setting up a shared key was fairly involved with the previous approaches and perhaps not quite worth doing • �Each user has to maintain a secret key (perhaps on some plastic card) for each of his friends –this may be a problem for popular people • �Different approach: have a trusted key distribution center (KDC) • �Each user maintains one single secret key –the one to communicate with KDC • �Authentication and all communications go through KDC • �Alice picks Ks and tells KDC that she wants to talk to Bob using Ks–A uses secret key KA used only to communicate with KDC • �KDC decrypts the message and sends Ks to Bob together with Alice’s id –KDC uses key KB used only to communicate with B • �Authentication here is for free –key KA is only known to A and KDC
Replay attack to the KDC-based protocol • Say Eve manages to get a job with Alice and after doing the job, she asks Alice to pay her by bank transfer. • �Alice establishes a secret key with the banker Bob and then sends Bob a message requesting money to be transferred to Eve’s account • Eve however is back to her old business, snooping on the network–she copies message 2 in the protocol and the request for money that follows� • Later Eve replays both messages to Bob –Bob will think that Alice has hired again Eve and pays Eve the money� • Eve is able to do many iterations of the procedure –replay attack • Solution 1: include a timestamp with the message –any old message will be discarded� • Problem: clocks are not always exactly synchronized so there will be a period when the message is still valid�
Authentication using Kerberos • Kerberos is an authentication protocol used in many systems, including Windows 2000, using the KDC-based approach • �Kerberos was the name of a multi head dog in Greek mythology that used to guard the entrance to Hades • �Designed at MIT to allow workstation users to access network resources securely • �As such, it relies on the assumption that all clocks are fairly well synchronized • �Kerberos v4 is the most widely used version –the one we discuss here • �Includes three servers that communicate with Alice (at the workstation) • �Authentication server (AS) –verifies the user during login • �It shares a secret password with each user (plays the role of the KDC) • �Ticket-granting server (TGS) –issues “proof of identity tickets” • �Tickets will be used by the user to perform various jobs • �Bob the server –actually does the work Alice needs to do, based on the identity ticket • �Based on the identity ticket will grant Alice the right she is entitled to
Authentication using Kerberos 1. A sits down at an arbitrary public workstation and types her name • �Workstation sends her name to the AS in plaintext 1. AS sends back a session key KS and a ticket KTGS(A,KS) for TGS –both encrypted with A’s secret key • �At this point the workstation asks for A’s password • �Password is used to generate the secret key and decrypt the message, obtaining the ticket for TGS
Authentication using Kerberos
Authentication using Kerberos • A tells the workstation she needs to contact the file server Bob 3. Workstation sends a message to TGS asking for a ticket to use Bob • �Key element here is the ticket for TGS received from AS –this proves to TGS that the sender is really A 4. TGS creates and sends back a session key KAB for A to use with B • �TGS sends a message encrypted with KS so that A can read and get KAB • �TGS also includes a message intended only for Bob, sending A’s identity and the key KAB • �If Eve replays message 3 she will be foiled by the timestamp t • �Even if she replays the message quickly she will only get a copy of message 4 that she cannot read 5 Alice can now communicate with Bob using KAB 6. Bob confirms he has received the request and is ready to do the work
II. Digital signatures • Having a sort of digital signature replacing hand written signatures is essential in the cyber-world • �This is crucial between two parties who do not trust each other and need protection from each other’s later false claims • Requirements for a digital signature • �Must authenticate the content of the message at the time of the signature • �Must authenticate the author, date, and time of the signature • �Receiver can verify the claimed identity of the sender • �Sender cannot later repudiate the content of the message • �Receiver cannot possibly have concocted the message himself • �Can be verified by third-parties to resolve disputes • �Examples: • �The bank needs to verify the identity of the client placing a transfer order • �The client cannot deny later having sent that order • �It is impossible for the bank to create transfer orders and claim they actually came from the client
Digital signatures • Computational requirements • �Must be a bit pattern depending on the message being signed • �Signature must use some information unique to the sender to prevent forgery and denial • �Computationally easy to produce a signature • �Computationally easy to recognize and verify the signature • �Computationally infeasible to forge a digital signature • ��Practical to retain a copy of the digital signature in storage
Two general schemes for digital signatures • Arbitrated digital signatures • �Every signed message from A to B goes to an arbiter BB (Big Brother) that everybody trusts • �BB checks the signature and the timestamp, origin, content, etc. • �BB dates the message and sends it to B with an indication that it has been verified and it is legitimate
Arbitrated digital signatures • E.g., every user shares a secret key with the arbiter • �A sends to BB in an encrypted form the plaintext P together with B’s id, a timestamp and a random number RA • �BB decrypts the message and thus makes sure it comes from A; it also checks the timestamp to protect against replays • �BB then sends B the message P, A’s id, the timestamp and the random number RA; he also sends a message encrypted with his own private key (that nobody knows) containing A’s id, timestamp t and the plaintext P (or a hash) • �B cannot check the signature but trusts it because it comes from BB –he knows that because the entire communication was encrypted with KB • �B will not accept old messages or messages containing the same RA to protect against replay • �In case of dispute, B will show the signature he got from BB (only BB may have produced it) and BB will decrypt it
Direct digital signatures • This involves only the communicating parties and it is based on public keys • �The sender knows the public key of the receiver • �Digital signature: encrypt the entire message (or just a hash code of the message) with the sender’s private key • �If confidentiality is required: apply the receiver’s public key or encrypt using a shared secret key
DS • Weaknesses: • �The scheme only works as long as KRA remains secret: if it is disclosed (or A discloses it herself), then the argument of the judge does not hold: anybody can produce the signature • �Attack: to deny the signature right after signing, simply claim that the private key has been lost– similar to claims of credit card misuse • �If A changes her public-private keys (she can do that often) the judge will apply the wrong public key to check the signature • �Attack: to deny the signature change your public-private key pair–this should not work if a PKI is used because they may keep trace of old public keys • �A should protect her private key even after she changes the key

Recommended

Protocols for Public Key Management
Protocols for Public Key ManagementProtocols for Public Key Management
Protocols for Public Key Management
Shafaan Khaliq Bhatti
 
PUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONPUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONraf_slide
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
3 public key cryptography
3 public key cryptography3 public key cryptography
3 public key cryptography
Rutvik Mehta
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functions
Dr.Florence Dayana
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key Cryptosystem
Devakumar Kp
 
Is case study
Is case studyIs case study
Is case studyShehrevar Davierwala
 
Message Authentication: MAC, Hashes
Message Authentication: MAC, HashesMessage Authentication: MAC, Hashes
Message Authentication: MAC, Hashes
Shafaan Khaliq Bhatti
 

Recommended

Protocols for Public Key Management
Protocols for Public Key ManagementProtocols for Public Key Management
Protocols for Public Key Management
Shafaan Khaliq Bhatti
 
PUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONPUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONraf_slide
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
Dr.Florence Dayana
 
3 public key cryptography
3 public key cryptography3 public key cryptography
3 public key cryptography
Rutvik Mehta
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functions
Dr.Florence Dayana
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key Cryptosystem
Devakumar Kp
 
Is case study
Is case studyIs case study
Is case studyShehrevar Davierwala
 
Message Authentication: MAC, Hashes
Message Authentication: MAC, HashesMessage Authentication: MAC, Hashes
Message Authentication: MAC, Hashes
Shafaan Khaliq Bhatti
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmac
anuragjagetiya
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
Shafaan Khaliq Bhatti
 
Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Final ss2-digital-signature-group5
Final ss2-digital-signature-group5
Phan Minh
 
Cryptography
CryptographyCryptography
Cryptography
fsl khan
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptographyanusachu .
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptographySuresh Thammishetty
 
Ch10
Ch10Ch10
Ch10Joe Christensen
 
Digital signature
Digital signatureDigital signature
Digital signatureSadhana28
 
Rsa and diffie hellman algorithms
Rsa and diffie hellman algorithmsRsa and diffie hellman algorithms
Rsa and diffie hellman algorithms
daxesh chauhan
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismAmit Singh
 
Information and data security public key cryptography and rsa
Information and data security public key cryptography and rsaInformation and data security public key cryptography and rsa
Information and data security public key cryptography and rsa
Mazin Alwaaly
 
Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemMerlin Florrence
 
Ch9
Ch9Ch9
Ch9
Mahender Kumar
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standard
Vaibhav Khanna
 
Cryptography
CryptographyCryptography
Cryptography
Sandip kumar
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
omarShiekh1
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
DarshanPatil82
 
CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem
Gyanmanjari Institute Of Technology
 
Unit 1
Unit 1Unit 1
Unit 1
Trupti Kodinariya
 
Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5
Kabul Education University
 
Chapter 2: Network Models
Chapter 2: Network ModelsChapter 2: Network Models
Chapter 2: Network Models
Shafaan Khaliq Bhatti
 
Chapter 3: Data & Signals
Chapter 3: Data & SignalsChapter 3: Data & Signals
Chapter 3: Data & Signals
Shafaan Khaliq Bhatti
 

More Related Content

What's hot

Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmac
anuragjagetiya
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
Shafaan Khaliq Bhatti
 
Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Final ss2-digital-signature-group5
Final ss2-digital-signature-group5
Phan Minh
 
Cryptography
CryptographyCryptography
Cryptography
fsl khan
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptographyanusachu .
 
Digital signature
Digital signatureDigital signature
Digital signatureSadhana28
 
Rsa and diffie hellman algorithms
Rsa and diffie hellman algorithmsRsa and diffie hellman algorithms
Rsa and diffie hellman algorithms
daxesh chauhan
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismAmit Singh
 
Information and data security public key cryptography and rsa
Information and data security public key cryptography and rsaInformation and data security public key cryptography and rsa
Information and data security public key cryptography and rsa
Mazin Alwaaly
 
Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemMerlin Florrence
 
Ch9
Ch9Ch9
Ch9
Mahender Kumar
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standard
Vaibhav Khanna
 
Cryptography
CryptographyCryptography
Cryptography
Sandip kumar
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
omarShiekh1
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
DarshanPatil82
 
CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem
Gyanmanjari Institute Of Technology
 
Unit 1
Unit 1Unit 1
Unit 1
Trupti Kodinariya
 
Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5
Kabul Education University
 

What's hot (20)

Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmac
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSA
 
Final ss2-digital-signature-group5
Final ss2-digital-signature-group5Final ss2-digital-signature-group5
Final ss2-digital-signature-group5
 
Cryptography
CryptographyCryptography
Cryptography
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptography
 
Introduction to cryptography
Introduction to cryptographyIntroduction to cryptography
Introduction to cryptography
 
Ch10
Ch10Ch10
Ch10
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Rsa and diffie hellman algorithms
Rsa and diffie hellman algorithmsRsa and diffie hellman algorithms
Rsa and diffie hellman algorithms
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption Mechanism
 
Information and data security public key cryptography and rsa
Information and data security public key cryptography and rsaInformation and data security public key cryptography and rsa
Information and data security public key cryptography and rsa
 
Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating system
 
Ch9
Ch9Ch9
Ch9
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standard
 
Cryptography
CryptographyCryptography
Cryptography
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
 
CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem
 
Unit 1
Unit 1Unit 1
Unit 1
 
Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5Cryptography and Network security # Lecture 5
Cryptography and Network security # Lecture 5
 

Viewers also liked

Chapter 2: Network Models
Chapter 2: Network ModelsChapter 2: Network Models
Chapter 2: Network Models
Shafaan Khaliq Bhatti
 
Chapter 3: Data & Signals
Chapter 3: Data & SignalsChapter 3: Data & Signals
Chapter 3: Data & Signals
Shafaan Khaliq Bhatti
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network Security
Shafaan Khaliq Bhatti
 
Chapter 7: Transmission Media
Chapter 7: Transmission MediaChapter 7: Transmission Media
Chapter 7: Transmission Media
Shafaan Khaliq Bhatti
 
Chapter 8: Switching
Chapter 8: SwitchingChapter 8: Switching
Chapter 8: Switching
Shafaan Khaliq Bhatti
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption Standard
Shafaan Khaliq Bhatti
 
Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of Operation
Shafaan Khaliq Bhatti
 
Chapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and NetworksChapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and Networks
Shafaan Khaliq Bhatti
 
One Flaw over the Cuckoo's Nest
One Flaw over the Cuckoo's NestOne Flaw over the Cuckoo's Nest
One Flaw over the Cuckoo's Nest
Iñaki Rodríguez
 
Ccna+sec+ch01+ +overview+security
Ccna+sec+ch01+ +overview+securityCcna+sec+ch01+ +overview+security
Ccna+sec+ch01+ +overview+securitymysoria
 
Cv
CvCv
Cv
Munim Chaudhry
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical Encryption
Shafaan Khaliq Bhatti
 
Chapter 20: Internet Protocol
Chapter 20: Internet ProtocolChapter 20: Internet Protocol
Chapter 20: Internet Protocol
Shafaan Khaliq Bhatti
 
key distribution in network security
key distribution in network securitykey distribution in network security
key distribution in network security
babak danyal
 
Ai 02 intelligent_agents(1)
Ai 02 intelligent_agents(1)Ai 02 intelligent_agents(1)
Ai 02 intelligent_agents(1)
Mohammed Romi
 
Chapter 19: Logical Addressing
Chapter 19: Logical AddressingChapter 19: Logical Addressing
Chapter 19: Logical Addressing
Shafaan Khaliq Bhatti
 
Ch9-Software Engineering 9
Ch9-Software Engineering 9Ch9-Software Engineering 9
Ch9-Software Engineering 9Ian Sommerville
 
Chapter 3: Processes
Chapter 3: ProcessesChapter 3: Processes
Chapter 3: Processes
Shafaan Khaliq Bhatti
 

Viewers also liked (20)

Chapter 2: Network Models
Chapter 2: Network ModelsChapter 2: Network Models
Chapter 2: Network Models
 
Chapter 3: Data & Signals
Chapter 3: Data & SignalsChapter 3: Data & Signals
Chapter 3: Data & Signals
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network Security
 
Chapter 7: Transmission Media
Chapter 7: Transmission MediaChapter 7: Transmission Media
Chapter 7: Transmission Media
 
Chapter 8: Switching
Chapter 8: SwitchingChapter 8: Switching
Chapter 8: Switching
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption Standard
 
Block Ciphers Modes of Operation
Block Ciphers Modes of OperationBlock Ciphers Modes of Operation
Block Ciphers Modes of Operation
 
Chapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and NetworksChapter 1: Introduction to Data Communication and Networks
Chapter 1: Introduction to Data Communication and Networks
 
One Flaw over the Cuckoo's Nest
One Flaw over the Cuckoo's NestOne Flaw over the Cuckoo's Nest
One Flaw over the Cuckoo's Nest
 
Ccna+sec+ch01+ +overview+security
Ccna+sec+ch01+ +overview+securityCcna+sec+ch01+ +overview+security
Ccna+sec+ch01+ +overview+security
 
Cv
CvCv
Cv
 
Ch03
Ch03Ch03
Ch03
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical Encryption
 
Chapter 20: Internet Protocol
Chapter 20: Internet ProtocolChapter 20: Internet Protocol
Chapter 20: Internet Protocol
 
key distribution in network security
key distribution in network securitykey distribution in network security
key distribution in network security
 
Ai 02 intelligent_agents(1)
Ai 02 intelligent_agents(1)Ai 02 intelligent_agents(1)
Ai 02 intelligent_agents(1)
 
Chapter 19: Logical Addressing
Chapter 19: Logical AddressingChapter 19: Logical Addressing
Chapter 19: Logical Addressing
 
Ch9-Software Engineering 9
Ch9-Software Engineering 9Ch9-Software Engineering 9
Ch9-Software Engineering 9
 
Chapter 3: Processes
Chapter 3: ProcessesChapter 3: Processes
Chapter 3: Processes
 
Diffiehellman
DiffiehellmanDiffiehellman
Diffiehellman
 

Similar to Authentication: keys, MAC

Network Security.ppt
Network Security.pptNetwork Security.ppt
Network Security.ppt
ChSheraz3
 
Digital Security 101
Digital Security 101Digital Security 101
Digital Security 101
Gary Jan
 
Key Management, key management three tools ,
Key Management, key management three tools ,Key Management, key management three tools ,
Key Management, key management three tools ,
salutiontechnology
 
ch13 ABCD.ppt
ch13 ABCD.pptch13 ABCD.ppt
ch13 ABCD.ppt
georgejustymirobi1
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptx
DaveN31
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
BAIT1103 Chapter 3
BAIT1103 Chapter 3BAIT1103 Chapter 3
BAIT1103 Chapter 3limsh
 
ch13.ppt
ch13.pptch13.ppt
ch13.ppt
ssuserfb92ae
 
Blockchain meetup
Blockchain meetupBlockchain meetup
Blockchain meetup
QuantUniversity
 
5.3. Undercover communications
5.3. Undercover communications5.3. Undercover communications
5.3. Undercover communications
defconmoscow
 
authentication.ppt
authentication.pptauthentication.ppt
authentication.ppt
AchinikeWinifred
 
Digital Certified Mail (PPT)
Digital Certified Mail (PPT)Digital Certified Mail (PPT)
Digital Certified Mail (PPT)
Matthew Chang
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
Chul-Woong Yang
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
Chul-Woong Yang
 
User authentication crytography in cse engineering
User authentication crytography in cse engineeringUser authentication crytography in cse engineering
User authentication crytography in cse engineering
mohmmedsahil111
 
SHA_and_DS.pdf
SHA_and_DS.pdfSHA_and_DS.pdf
SHA_and_DS.pdf
Santosh Gupta
 
Lec 10 - Key Management.ppt
Lec 10 - Key Management.pptLec 10 - Key Management.ppt
Lec 10 - Key Management.ppt
IshaKanwal4
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.ppt
ChSheraz3
 

Similar to Authentication: keys, MAC (20)

Network Security.ppt
Network Security.pptNetwork Security.ppt
Network Security.ppt
 
Digital Security 101
Digital Security 101Digital Security 101
Digital Security 101
 
Key Management, key management three tools ,
Key Management, key management three tools ,Key Management, key management three tools ,
Key Management, key management three tools ,
 
ch13 ABCD.ppt
ch13 ABCD.pptch13 ABCD.ppt
ch13 ABCD.ppt
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptx
 
crypto2ssh
crypto2sshcrypto2ssh
crypto2ssh
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
BAIT1103 Chapter 3
BAIT1103 Chapter 3BAIT1103 Chapter 3
BAIT1103 Chapter 3
 
ch13.ppt
ch13.pptch13.ppt
ch13.ppt
 
ch13.ppt
ch13.pptch13.ppt
ch13.ppt
 
Blockchain meetup
Blockchain meetupBlockchain meetup
Blockchain meetup
 
5.3. Undercover communications
5.3. Undercover communications5.3. Undercover communications
5.3. Undercover communications
 
authentication.ppt
authentication.pptauthentication.ppt
authentication.ppt
 
Digital Certified Mail (PPT)
Digital Certified Mail (PPT)Digital Certified Mail (PPT)
Digital Certified Mail (PPT)
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
 
User authentication crytography in cse engineering
User authentication crytography in cse engineeringUser authentication crytography in cse engineering
User authentication crytography in cse engineering
 
SHA_and_DS.pdf
SHA_and_DS.pdfSHA_and_DS.pdf
SHA_and_DS.pdf
 
Lec 10 - Key Management.ppt
Lec 10 - Key Management.pptLec 10 - Key Management.ppt
Lec 10 - Key Management.ppt
 
Network security.ppt
Network security.pptNetwork security.ppt
Network security.ppt
 

More from Shafaan Khaliq Bhatti

1- Introduction to Red Hat
1- Introduction to Red Hat1- Introduction to Red Hat
1- Introduction to Red Hat
Shafaan Khaliq Bhatti
 
Linux Servers
Linux ServersLinux Servers
Linux Servers
Shafaan Khaliq Bhatti
 
5 - Networking in Red Hat
5 - Networking in Red Hat5 - Networking in Red Hat
5 - Networking in Red Hat
Shafaan Khaliq Bhatti
 
2- System Initialization in Red Hat
2- System Initialization in Red Hat2- System Initialization in Red Hat
2- System Initialization in Red Hat
Shafaan Khaliq Bhatti
 
3 - Disk Partitioning in Red Hat
3 - Disk Partitioning in Red Hat3 - Disk Partitioning in Red Hat
3 - Disk Partitioning in Red Hat
Shafaan Khaliq Bhatti
 
6 - Package Management in Red Hat
6 - Package Management in Red Hat6 - Package Management in Red Hat
6 - Package Management in Red Hat
Shafaan Khaliq Bhatti
 
11 - SELinux in Red Hat
11 - SELinux in Red Hat11 - SELinux in Red Hat
11 - SELinux in Red Hat
Shafaan Khaliq Bhatti
 
7 - User Administration in Red Hat
7 - User Administration in Red Hat7 - User Administration in Red Hat
7 - User Administration in Red Hat
Shafaan Khaliq Bhatti
 
12 - System Security in Red Hat
12 - System Security in Red Hat12 - System Security in Red Hat
12 - System Security in Red Hat
Shafaan Khaliq Bhatti
 
15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control list15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control list
Shafaan Khaliq Bhatti
 
13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrp13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrp
Shafaan Khaliq Bhatti
 
10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abr10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abr
Shafaan Khaliq Bhatti
 
Chapter 2: Operating System Structures
Chapter 2: Operating System StructuresChapter 2: Operating System Structures
Chapter 2: Operating System Structures
Shafaan Khaliq Bhatti
 
Chapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating SystemChapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating System
Shafaan Khaliq Bhatti
 

More from Shafaan Khaliq Bhatti (15)

1- Introduction to Red Hat
1- Introduction to Red Hat1- Introduction to Red Hat
1- Introduction to Red Hat
 
Linux Servers
Linux ServersLinux Servers
Linux Servers
 
5 - Networking in Red Hat
5 - Networking in Red Hat5 - Networking in Red Hat
5 - Networking in Red Hat
 
2- System Initialization in Red Hat
2- System Initialization in Red Hat2- System Initialization in Red Hat
2- System Initialization in Red Hat
 
3 - Disk Partitioning in Red Hat
3 - Disk Partitioning in Red Hat3 - Disk Partitioning in Red Hat
3 - Disk Partitioning in Red Hat
 
6 - Package Management in Red Hat
6 - Package Management in Red Hat6 - Package Management in Red Hat
6 - Package Management in Red Hat
 
11 - SELinux in Red Hat
11 - SELinux in Red Hat11 - SELinux in Red Hat
11 - SELinux in Red Hat
 
7 - User Administration in Red Hat
7 - User Administration in Red Hat7 - User Administration in Red Hat
7 - User Administration in Red Hat
 
12 - System Security in Red Hat
12 - System Security in Red Hat12 - System Security in Red Hat
12 - System Security in Red Hat
 
15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control list15 lecture - acl part1, introduction to access control list
15 lecture - acl part1, introduction to access control list
 
13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrp13 lecture - introduction and configuration of eigrp
13 lecture - introduction and configuration of eigrp
 
10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abr10 lecture - ospf part1 , introduction to ospf , areas and abr
10 lecture - ospf part1 , introduction to ospf , areas and abr
 
Chapter 2: Operating System Structures
Chapter 2: Operating System StructuresChapter 2: Operating System Structures
Chapter 2: Operating System Structures
 
Chapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating SystemChapter 1: Introduction to Operating System
Chapter 1: Introduction to Operating System
 
Chapter 01 (Discovering Computers)
Chapter 01 (Discovering Computers)Chapter 01 (Discovering Computers)
Chapter 01 (Discovering Computers)
 

Recently uploaded

Introduction to Quality Improvement Essentials
Introduction to Quality Improvement EssentialsIntroduction to Quality Improvement Essentials
Introduction to Quality Improvement Essentials
Excellence Foundation for South Sudan
 
Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)
rosedainty
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
siemaillard
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
beazzy04
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
TechSoup
 
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdfESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
Fundacja Rozwoju Społeczeństwa Przedsiębiorczego
 
How to Break the cycle of negative Thoughts
How to Break the cycle of negative ThoughtsHow to Break the cycle of negative Thoughts
How to Break the cycle of negative Thoughts
Col Mukteshwar Prasad
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve Thomason
Steve Thomason
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
kaushalkr1407
 
Sectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfSectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdf
Vivekanand Anglo Vedic Academy
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
AzmatAli747758
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
GeoBlogs
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Thiyagu K
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptxMARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
bennyroshan06
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer Service
PedroFerreira53928
 

Recently uploaded (20)

Introduction to Quality Improvement Essentials
Introduction to Quality Improvement EssentialsIntroduction to Quality Improvement Essentials
Introduction to Quality Improvement Essentials
 
Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)Template Jadual Bertugas Kelas (Boleh Edit)
Template Jadual Bertugas Kelas (Boleh Edit)
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
 
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdfESC Beyond Borders _From EU to You_ InfoPack general.pdf
ESC Beyond Borders _From EU to You_ InfoPack general.pdf
 
How to Break the cycle of negative Thoughts
How to Break the cycle of negative ThoughtsHow to Break the cycle of negative Thoughts
How to Break the cycle of negative Thoughts
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve Thomason
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
 
Sectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfSectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdf
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptxMARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer Service
 

Authentication: keys, MAC

  • 1. Authentication: keys, MAC, hashes, message digests, digital signatures
  • 2. Topics • In a confidential communication the authenticity needs to be carefully established for: • �The two partners • �Before sending any confidential information one needs to be sure to whom it sends that information: authentication protocols • �The messages received by each partner • �One needs to be sure that the message received has not been modified –it coincides with the sent message: message authentication • �If the two partners do not quite trust each other, they need to make sure that the sender cannot later deny having sent the message and the receiver cannot have devised the message himself: digital signatures
  • 3. I. Authentication protocols • Such protocols enable communicating parties to satisfy themselves mutually about each other’s identity and possibly, to exchange session keys • �Two central problems here: confidentiality and timeliness • �Essential identification information and the session keys must be communicated in encrypted form • �Because of the threat of replay, timeliness is essential here • �Replays could allow the attacker to get a session key or to impersonate another party • �At minimum, the attacker could disrupt operations by presenting parties with messages that appear genuine but are not – aims at a denial of service attack • �Two approaches are generally used to defend replay attacks • �Timestamps: A accepts a message as fresh only if it contains a timestamp that, in A’s judgment, is close enough to A’s knowledge of current time –clocks need to be synchronized • �Challenge/response: A, expecting a fresh message from B, first sends B a random number (challenge) and requires that the subsequent message (response) received from B contains that random number or some agree-upon transformation on it (this is also called hand-shaking sometimes
  • 4. Authentication protocols and setting up secret keys A Direct authentication 1.Based on a shared secret master key 2.Based on a public-key system 3.Diffie-Hellman B. Mediated authentication 1.Based on key distribution centers 2.Kerberos
  • 5. A1. Authentication based on a shared secret key • Assume here that A and B already share a secret key –this is called sometimes the master key MK because the two will only use this rarely, whenever they need to authenticate each other and establish a session key • �Master keys will only be used to establish session keys • �Concentrate here on how to establish session keys • �Protocol • �A issues a requests to B for a session key and includes a nonce N1 • �B responds with a message encrypted using the shared master key –include there the session key he selects, A’s id, a value f(N1) and another nonce N2 • �At this point, A is sure of B’s identity: only he knows the master key; B is not sure of anything yet • �Using the new session key, A return f(N2) to B • �B is sure of A’s identity: only A can read the message he sent, including the session key
  • 6.
  • 7. A2. A general scheme of public-key authentication (and distribution of secret keys) • �Assume here that A and B know each other’s public key • �N1 and N2 in the scheme are random numbers –they ensure the authenticity of A and B (because only they can decrypt the messages and read N1 and N2) • �After Step 2, A is sure of B’s identity: right response to its challenge • �After Step 3, B is sure of A’s identity: right response to its challenge
  • 8.
  • 9. A3. A concrete scheme: Diffie-Hellman key exchange • This is the first ever published public-key algorithm –used in a number of commercial products • Elegant idea: establish a secret key based on each other’s public keys • Protocol • Alice and Bob need to agree on two large numbers n,g, where n is prime, (n-1)/2 is also prime and some extra conditions are satisfied by g (to defeat math attacks) –these numbers may be public so Alice could generate this on her own� • Alice picks a large (say, 512-bit) number x and B picks another one, say y� • Alice initiates the key exchange protocol by sending Bob a message containing (n,g,g^xmod n)� • Bob sends Alice a message containing g^ymod n� • Alice raises the number Bob sent her to the x-th power mod n to get the secret key: (g^ymod n)^ x mod n=g^xy mod n� • Bob raises the number Alice sent to the y-thpower modulo n to get the secret key: (g^x mod n)^y mod n= g^xy mod n
  • 10.
  • 11. B1. Authentication using key distribution centers (KDC) Authentication using key distribution centers (KDC) • �Setting up a shared key was fairly involved with the previous approaches and perhaps not quite worth doing • �Each user has to maintain a secret key (perhaps on some plastic card) for each of his friends –this may be a problem for popular people • �Different approach: have a trusted key distribution center (KDC) • �Each user maintains one single secret key –the one to communicate with KDC • �Authentication and all communications go through KDC • �Alice picks Ks and tells KDC that she wants to talk to Bob using Ks–A uses secret key KA used only to communicate with KDC • �KDC decrypts the message and sends Ks to Bob together with Alice’s id –KDC uses key KB used only to communicate with B • �Authentication here is for free –key KA is only known to A and KDC
  • 12. Replay attack to the KDC-based protocol • Say Eve manages to get a job with Alice and after doing the job, she asks Alice to pay her by bank transfer. • �Alice establishes a secret key with the banker Bob and then sends Bob a message requesting money to be transferred to Eve’s account • Eve however is back to her old business, snooping on the network–she copies message 2 in the protocol and the request for money that follows� • Later Eve replays both messages to Bob –Bob will think that Alice has hired again Eve and pays Eve the money� • Eve is able to do many iterations of the procedure –replay attack • Solution 1: include a timestamp with the message –any old message will be discarded� • Problem: clocks are not always exactly synchronized so there will be a period when the message is still valid�
  • 13. Authentication using Kerberos • Kerberos is an authentication protocol used in many systems, including Windows 2000, using the KDC-based approach • �Kerberos was the name of a multi head dog in Greek mythology that used to guard the entrance to Hades • �Designed at MIT to allow workstation users to access network resources securely • �As such, it relies on the assumption that all clocks are fairly well synchronized • �Kerberos v4 is the most widely used version –the one we discuss here • �Includes three servers that communicate with Alice (at the workstation) • �Authentication server (AS) –verifies the user during login • �It shares a secret password with each user (plays the role of the KDC) • �Ticket-granting server (TGS) –issues “proof of identity tickets” • �Tickets will be used by the user to perform various jobs • �Bob the server –actually does the work Alice needs to do, based on the identity ticket • �Based on the identity ticket will grant Alice the right she is entitled to
  • 14. Authentication using Kerberos 1. A sits down at an arbitrary public workstation and types her name • �Workstation sends her name to the AS in plaintext 1. AS sends back a session key KS and a ticket KTGS(A,KS) for TGS –both encrypted with A’s secret key • �At this point the workstation asks for A’s password • �Password is used to generate the secret key and decrypt the message, obtaining the ticket for TGS
  • 16. Authentication using Kerberos • A tells the workstation she needs to contact the file server Bob 3. Workstation sends a message to TGS asking for a ticket to use Bob • �Key element here is the ticket for TGS received from AS –this proves to TGS that the sender is really A 4. TGS creates and sends back a session key KAB for A to use with B • �TGS sends a message encrypted with KS so that A can read and get KAB • �TGS also includes a message intended only for Bob, sending A’s identity and the key KAB • �If Eve replays message 3 she will be foiled by the timestamp t • �Even if she replays the message quickly she will only get a copy of message 4 that she cannot read 5 Alice can now communicate with Bob using KAB 6. Bob confirms he has received the request and is ready to do the work
  • 17. II. Digital signatures • Having a sort of digital signature replacing hand written signatures is essential in the cyber-world • �This is crucial between two parties who do not trust each other and need protection from each other’s later false claims • Requirements for a digital signature • �Must authenticate the content of the message at the time of the signature • �Must authenticate the author, date, and time of the signature • �Receiver can verify the claimed identity of the sender • �Sender cannot later repudiate the content of the message • �Receiver cannot possibly have concocted the message himself • �Can be verified by third-parties to resolve disputes • �Examples: • �The bank needs to verify the identity of the client placing a transfer order • �The client cannot deny later having sent that order • �It is impossible for the bank to create transfer orders and claim they actually came from the client
  • 18. Digital signatures • Computational requirements • �Must be a bit pattern depending on the message being signed • �Signature must use some information unique to the sender to prevent forgery and denial • �Computationally easy to produce a signature • �Computationally easy to recognize and verify the signature • �Computationally infeasible to forge a digital signature • ��Practical to retain a copy of the digital signature in storage
  • 19. Two general schemes for digital signatures • Arbitrated digital signatures • �Every signed message from A to B goes to an arbiter BB (Big Brother) that everybody trusts • �BB checks the signature and the timestamp, origin, content, etc. • �BB dates the message and sends it to B with an indication that it has been verified and it is legitimate
  • 20. Arbitrated digital signatures • E.g., every user shares a secret key with the arbiter • �A sends to BB in an encrypted form the plaintext P together with B’s id, a timestamp and a random number RA • �BB decrypts the message and thus makes sure it comes from A; it also checks the timestamp to protect against replays • �BB then sends B the message P, A’s id, the timestamp and the random number RA; he also sends a message encrypted with his own private key (that nobody knows) containing A’s id, timestamp t and the plaintext P (or a hash) • �B cannot check the signature but trusts it because it comes from BB –he knows that because the entire communication was encrypted with KB • �B will not accept old messages or messages containing the same RA to protect against replay • �In case of dispute, B will show the signature he got from BB (only BB may have produced it) and BB will decrypt it
  • 21. Direct digital signatures • This involves only the communicating parties and it is based on public keys • �The sender knows the public key of the receiver • �Digital signature: encrypt the entire message (or just a hash code of the message) with the sender’s private key • �If confidentiality is required: apply the receiver’s public key or encrypt using a shared secret key
  • 22. DS • Weaknesses: • �The scheme only works as long as KRA remains secret: if it is disclosed (or A discloses it herself), then the argument of the judge does not hold: anybody can produce the signature • �Attack: to deny the signature right after signing, simply claim that the private key has been lost– similar to claims of credit card misuse • �If A changes her public-private keys (she can do that often) the judge will apply the wrong public key to check the signature • �Attack: to deny the signature change your public-private key pair–this should not work if a PKI is used because they may keep trace of old public keys • �A should protect her private key even after she changes the key