Security Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy: preventing unauthorized release of information Authentication: verifying identity of the remote participant Integrity: making sure message has not been altered SecurityCryptographyalgorithmsPublickey(e.g., RSA)Secretkey(e.g., DES)Messagedigest(e.g., MD5)SecurityservicesAuthenticationPrivacy MessageintegritySecret Key (DES)PlaintextEncrypt withsecret keyCiphertextPlaintextDecrypt withsecret keyPublic Key (RSA) Encryption & Decryptionc = memod nm = cdmod nPlaintextEncrypt withpublic keyCiphertextPlaintextDecrypt withprivate keyMessage Digest Cryptographic checksum just as a regular checksum protects the receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes to the message. One-way function given a cryptographic checksum for a message, it is virtually impossible to figure out what message produced that checksum; it is not computationally feasible to find two messages that hash to the same cryptographic checksum. Relevance if you are given a checksum for a message and you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given. Public key authentication ABE(x, PublicB)xKey Distribution Certificate special type of digitally signed document: “I certify that the public key in this document belongs to the entity named in this document, signed X.” the name of the entity being certified the public key of the entity the name of the certified authority a digital signature Certified Authority (CA) administrative entity that issues certificates useful only to someone that already holds the CA’s public
View Full Document