95-702 Distributed SystemsThis Week’s TopicsGoals Of Secure VotingFirst AttemptSecond AttemptCast of CharactersCryptography NotationCategories of Encryption AlgorithmsScenario 1Scenario 2Scenario 3Scenario 4Alice’s Bank Account CertificatePublic-Key Certificate for Bob’s BankDigital Signatures With Public KeysSignatures With a Shared Secret KeyX509 Certificate FormatThe Needham–Schroeder Secret-Key Authentication ProtocolSystem Architecture of KerberosSSL OverviewSSL Handshake ProtocolSSL Protocol StackTLS Handshake Configuration OptionsSlide 24SSL and Web ApplicationsSSL DetailAbbreviated Handshake (1)Abbreviated Handshake (2)Abbreviated Handshake (3)Abbreviated Handshake (4)Writing a simple SSL ClientCreating a Truststore(1) Use keytool - genkey to create an RSA key pairSlide 34Slide 35(2) Use keytool –export to generate a self-signed RSA certificate (holding no private key)(3) Use keytool –import to place the certificate into a truststoreSlide 38Slide 39File OrganizationClient.javaSlide 42Slide 43Server.javaSlide 45Slide 46Slide 47Slide 48On the serverOn the clientWhat we have so far…Slide 52For client authentication we needSlide 54(1) Generate a key pair for the clientSlide 56(2) Extract a client certificate from the key pair(3) Copy the certificate to the server(4) Import the certificate into the server's truststoreSlide 60Slide 61(5) Have the server code trust the truststoreSlide 63Slide 64Slide 65Slide 66(6) Have the client code know about its own keysSlide 68Slide 69TestingTesting after deleting the server’s truststoreTesting after deleting the client’s truststoreConfiguring Tomcat for SSLSlide 74Slide 75Use Admin Tool to tell a Web Container about SSLSlide 77Slide 78Slide 79Slide 8095-702 Distributed Systems1Master of Information System Management95-702 Distributed SystemsLecture 14: Some Important Cryptographic Protocols95-702 Distributed Systems2Master of Information System ManagementThis Week’s Topics•Secure Voting•Cryptographic notation•Four Scenarios from Colouris•Needham Schroeder•Kerberos•SSL •Using SSL Sockets95-702 Distributed Systems95-702 Distributed Systems3Goals Of Secure Voting•Only Authorized Voters Can Vote•No one can vote more than once•No one can determine for whom anyone else voted•No one can duplicate anyone else’s vote•No one can change anyone else’s vote without being discovered•Every voter can make sure that his vote has been taken into account in the final tabulation.95-702 Distributed Systems95-702 Distributed Systems4First Attempt•Each voter encrypts his vote with the public key of a Central Tabulating Facility (CTF)•Each voter send his vote in to the CTF•The CTF decrypts the votes, tabulates them, and makes the results public•What are some problems with this protocol?95-702 Distributed Systems95-702 Distributed Systems5Second Attempt•Each voter signs his vote with his private key•Each voter encrypts his signed vote with the CTF’s public key•Each voter send his vote to the CTF•The CTF decrypts the votes, checks the signature, tabulates the votes and makes the results public•What are some problems with this protocol?95-702 Distributed Systems6Master of Information System ManagementCast of CharactersAlice First participantBob Second participantCarol Participant in three- and four-party protocolsDave Participant in four-party protocolsEve EavesdropperMallory Malicious attackerSara A server95-702 Distributed Systems7Master of Information System ManagementCryptography NotationKAAlice’s key that she keeps secret.KBBob’s key that he keeps secret.KABSecret key shared between Alice and BobKAprivAlice’s private key (known only to Alice in asymmetric key crypto)KApubAlice’s public key (published by Alice for all to read){M}KMessage M encrypted with key K[M]KMessage M signed with key K95-702 Distributed Systems8Master of Information System ManagementCategories of Encryption AlgorithmsSymmetric key encryption. Also called secret key crypto. Alice sends {M}Kab and Bob can read it. Bob knows Kab.Asymmetric key encryption. Also called public key crypto. Alice sends {M}KBpub and Bob can read it. Bob knows KBpriv.Public key encryption is typically 100 to 1000times slower than secret key encryption.95-702 Distributed Systems9Master of Information System ManagementScenario 1Goal: Alice and Bob want to exchange messages using a shared and secret symmetric key.Alice and Bob share KAB.Alice computes E(KAB,Mi) for each message i.She sends these to Bob.Bob uses D(KAB, {Mi} KAB ) and reads each Mi. Problems: How do Bob and Alice communicate the key KAB? How does Bob know that {Mi} KAB isn’t a replay of an old message?95-702 Distributed Systems10Master of Information System ManagementScenario 2Goal: Authenticate Alice allowing her to access files held by Bob.Alice asks Sarah for a ticket to talk to Bob.Sarah knows Alice’s password so she can compute KA.Sarah send to Alice {{Ticket}KB,KAB}KA. A challenge!Alice knows her password and is able to compute KA.Note that the password is never placed on the network. Alice is able to compute {Ticket}KB and KAB. How?Alice sends a read request to Bob. She sends{Ticket}KB,Alice,Read. Another challenge!Bob uses KB to read the content of the Ticket.The Ticket is KAB,Alice. Bob and Alice then use this session key to communicate.Problems: Old tickets may be replayed by Mallory. Suppose she has an old session key. Does not scale well : Sarah must know KA, KB ….95-702 Distributed Systems11Master of Information System Management11Master of Information System ManagementScenario 3Goal: Non-repudiation. Alice signs a digital message M. She computes a digest of M, Digest(M).If the Digest method is a good one, it is very difficult to find anothermessage M’ so that Digest(M) == Digest(M’).Alice makes the following available to the intended users:M,{Digest(M)}KApriv. Bob obtains the signed document, extracts M and computes Digest(M).Bob decrypts {Digest(M)}KApriv using KApub and compares theresult with his calculated Digest(M). If they match, the signatureis valid.Problems: Suppose Alice releases her private key to the world. She can now deny that she signed the message.95-702 Distributed Systems12Master of Information System ManagementScenario 4Bob and Alice wish to establish a shared secret KAB.Alice uses a key distribution service to get Bob’s public key.This key comes in a certificate. So, Bob’s public key has beensigned
View Full Document
Unlocking...