Cryptography & network security exercise 3
PKI - Public Key Infrastructure
▫ X.509 Authentication service
▫ Based on asymmetric cryptography
▫ Basic function - authentication of public
keys
▫ Achieved by signing public keys
▫ Public key certificates issued by certifying
authorities (CA)
▫ Permits different public key algorithms
▫ Revocation of certificates
17 trang |
Chia sẻ: nguyenlam99 | Lượt xem: 828 | Lượt tải: 0
Bạn đang xem nội dung tài liệu Cryptography & network security exercise 3, để tải tài liệu về máy bạn click vào nút DOWNLOAD ở trên
Cryptography & Network Security
Exercise 3
1
BK
TP.HCM
Content
Authentication
Digital Signatures
2
BK
TP.HCM
Message Authentication
• Authentication
▫ establishing or confirming something
• Message Authentication
▫ a mechanism or service used to verify the
integrity of a message
3
BK
TP.HCM
Authentication requirements
• Attacks
▫ Masquerade
▫ Content modification
▫ Sequence modification
▫ Timing modification
4
BK
TP.HCM
Authentication Functions
• Message encryption
• Message Authentication Code (MAC)
• Hash function
5
BK
TP.HCM
Message encryption
6
BK
TP.HCM
Message Authentication Code (MAC)
MAC = C(K, M)
7
BK
TP.HCM
Hash function
• h = H(M)
8
BK
TP.HCM
Hash function - Birthday attack
• Birthday problem
▫ 23 randomly chosen people
▫ 50% probability that some pair of them will have
the same birthday
)!365(365
!3651)(
n
np n
9
BK
TP.HCM
Hash function - Birthday attack
• Birthday problem
• General problem:
10
BK
TP.HCM
Hash function - Birthday attack
• Strategy
▫ Source A uses hash code to sign a message
and encrypts hash code with A’s PRa
▫ The opponent generates 2m/2 variations of
message (valid and fraudulent)
A pair of messages producing the same hash
code
▫ The opponent offers the valid variation to A
for signature
▫ Attach this signature to fraudulent message
11
BK
TP.HCM
Message Authentication
Questions
▫ 11.1 – 11.7
▫ 12.2
Problems
▫ 11.1 -11.2, 11.4 – 11.6
▫ 12.2 - 12.3
12
BK
TP.HCM
Digital Signatures
Practical Signature Schemes
13
BK
TP.HCM
Digital Signatures
Distribution of Public Keys
▫ public announcement
▫ publicly available directory
▫ public-key authority
▫ public-key certificates
14
BK
TP.HCM
Digital Signatures
PKI - Public Key Infrastructure
▫ X.509 Authentication service
▫ Based on asymmetric cryptography
▫ Basic function - authentication of public
keys
▫ Achieved by signing public keys
▫ Public key certificates issued by certifying
authorities (CA)
▫ Permits different public key algorithms
▫ Revocation of certificates
15
BK
TP.HCM
Digital Signatures
PKI - Public Key Infrastructure
▫ X.509 Authentication service
▫ Based on asymmetric cryptography
▫ Basic function - authentication of public
keys
▫ Achieved by signing public keys
▫ Public key certificates issued by certifying
authorities (CA)
▫ Permits different public key algorithms
▫ Revocation of certificates
16
BK
TP.HCM
Digital Signatures
Questions
▫ 10.1 – 10.5
▫ 13.7 – 13.9
Problems
▫ 13.3
17
Các file đính kèm theo tài liệu này:
- ex3_networksecurity_5463.pdf