brian lamacchia agenda
play

Brian LaMacchia Agenda Guest lecture: Christian Rechberger, KU - PowerPoint PPT Presentation

Oct 24, 2023 •222 likes •984 views

Winter 2011 Josh Benaloh Brian LaMacchia Agenda Guest lecture: Christian Rechberger, KU Leuven Towards SHA-3 Message-based protocols S/MIME XMLDSIG & XMLENC IPsec (depending on time) Design Charrette Part II

  1. Winter 2011 Josh Benaloh Brian LaMacchia

  2. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 2

  3. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 3

  4. Message-Based Protocols  “Session” vs. “Message”  Synchronous vs. Asynchronous  In message-based protocols, we cannot assume we have the luxury of being able to negotiate ciphersuites, parameter values, etc.  In the common scenario, each message is a “fire -and- forget” communication  Each message has to contain enough information to allow the recipient to decrypt it. February 10, 2011 Practical Aspects of Modern Cryptography 4

  5. Message-Based Protocols  There are lots of message-based protocols  Examples: RPC, routing table updates  The most common scenario to date, though, is e-mail  Digitally signed for sender authentication and integrity protection  Encrypted for confidentiality February 10, 2011 Practical Aspects of Modern Cryptography 5

  6. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 6

  7. S/MIME  Secure Multipurpose Internet Mail Extensions  Initially designed by RSA-led vendor consortium in 1995  S/MIME messaging and S/MIME certificate handling are Internet RFC’s  Widely supported format for secure e-mail messages  Uses X.509v3 certificates February 10, 2011 Practical Aspects of Modern Cryptography 7

  8. Scenario Assumptions  Each participant has two public-private key pairs: one for signing messages and one for receiving encrypted messages from others  “Separation of duty” – separate keys (with separate controls) for separate uses  Encryption key archival/escrow/recovery  For now, we assume key distribution isn’t a problem for participants  If I want to send you a message, I can obtain a copy of your encryption public key that I trust.  If you want to verify a message I signed, you can obtain a copy of my public signing key that you trust. February 10, 2011 Practical Aspects of Modern Cryptography 8

  9. Encrypting Messages  How do we want to encrypt messages?  We have public keys for recipients, so we could repeatedly apply PK-encryption to portions of the message  Recall that we can only RSA-encrypt messages M with |M| ≤ |n|  Plus, public key encryption is relatively slow, so we’d like to use it efficiently  Idea: use PK to convey a random symmetric “session” key to recipients February 10, 2011 Practical Aspects of Modern Cryptography 9

  10. Encrypting Messages  We use symmetric encryption with randomly-generated session keys to encrypt message bodies  Since symmetric encryption is fast and messages may be arbitrarily large  We use public-key encryption to encrypt the session keys to message recipients  We send both encrypted message and session key as a unit to recipients… February 10, 2011 Practical Aspects of Modern Cryptography 10

  11. Message Encryption Alice Sym. m Message February 10, 2011 Practical Aspects of Modern Cryptography 11

  12. Decrypting Messages  Message decryption is just the reverse from encryption  Recipients use their private encryption key to decrypt the session key for the message  Recipients then use the session key to symmetrically decrypt the message body. February 10, 2011 Practical Aspects of Modern Cryptography 12

  13. Message Decryption Sym. Bob m February 10, 2011 Practical Aspects of Modern Cryptography 13

  14. Signing Messages  How do we want to sign messages?  Each user has a signing key pair, but again we can only sign values that are at most the same size as our signing public key modulus  So we can’t sign the entire message directly, and repeated signing of parts of the message would open us up to attacks  Idea: Sign a hash of the message February 10, 2011 Practical Aspects of Modern Cryptography 14

  15. Signing Messages  To sign a message, we first choose a cryptographic hash function H() to use with our signature algorithm  Normally defined as part of a signing ciphersuite  We apply the hash function H to the exact sequence of bytes that forms our message (usually including header info)  We sign the hash value  We append the signed hash value to the message. February 10, 2011 Practical Aspects of Modern Cryptography 15

  16. Digital Signatures Provide Authentication and Integrity Alice m Hash Value Signed m Hash Message Hash Function February 10, 2011 Practical Aspects of Modern Cryptography 16

  17. Verifying Signatures  To verify a signed message, the recipient has to do three things:  Independently compute the hash value of the signed portion of the message  Verify that the signature on the message came from the sender (by applying the sender’s public signing key)  This yields the hash value signed by the sender  Compare the independently-computed hash value with the one the sender signed  If the hash values are equal, then the message has not been modified since it was signed. February 10, 2011 Practical Aspects of Modern Cryptography 17

  18. Verifying Signatures m Hash Value m Hash Function Bob Message Hash Value February 10, 2011 Practical Aspects of Modern Cryptography 18

  19. More Complex Signatures  A single signer acknowledging understanding or commitment to different concepts or agreements within one document.  Multiple signers signing unique content within the same document.  Multiple signers “co - signing” the same content within the same document.  Multiple signers, one signing content the other “counter - signing” the prior signature. February 10, 2011 Practical Aspects of Modern Cryptography 19

  20. Co-Signing  Alice and Bob want to sign the same message “in parallel” Co-Signed Alice Message Signed Hash 1 m m Hash To-be-signed Hash Value Message Function Bob Signed Hash 2 February 10, 2011 Practical Aspects of Modern Cryptography 20

  21. Counter-Signing  Alice and Bob want to sign the same message “in series” (Alice first, then Bob) Alice m Hash Alice Value m Hash Signed Message Function Hash Signed by Alice m Bob Hash Hash Value Bob Function Signed Counter-Signed Message Hash February 10, 2011 Practical Aspects of Modern Cryptography 21

  22. PKCS #7/CMS Structure CMS Signer Info 1 Signer Info 2 Version Signer Info 3 Digest Algorithm Content Signer Info Certificates Version CRLs Serial Number Signer Infos Digest Algorithm Authenticated Attributes Unauthenticated Attributes Countersignatures go here Digital Signature February 10, 2011 Practical Aspects of Modern Cryptography 22

  23. Limitations of the CMS format  The CMS standard only covers “wrapped” signatures  Signatures where the signed content is enclosed by the signature object  Signing assumes you start with a bytestream that is completely immutable  This is the safest assumption, but sometimes it’s overly conservative  Example: CR-LF rewriting and tab/whitespace conversions for text. February 10, 2011 Practical Aspects of Modern Cryptography 23

  24. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 24

  25. What is XML? <Address> <Street>1 Microsoft Way</Street> <City>Redmond</City> <State>WA</State> <ZipCode>98052</ZipCode> </Address> February 10, 2011 Practical Aspects of Modern Cryptography 25

  26. What is XML?  XML is a W3C standard for describing “markup languages”  XML == “eXtensible Markup Language”  Had its roots in SGML (of which HTML is an offshoot)  Now, though, XML has really become a standard means of representing data structures in text.  “XML provides a text -based means to describe and apply a tree- based structure to information.” -- Wikipedia February 10, 2011 Practical Aspects of Modern Cryptography 26

  27. Securing XML  As XML’s popularity grew, so did the need to secure XML objects (trees of XML elements)  How should we sign & encrypt XML?  One possibility: just treat an XML object as a byte sequence and use S/MIME  It’s just a sequence of characters, so we can Unicode encode that sequence, hash it, encrypt it and wrap it in S/MIME February 10, 2011 Practical Aspects of Modern Cryptography 27

Recommend

Brian LaMacchia Agenda Guest lecture: Tolga Acar, Distributed Key Management and

Brian LaMacchia Agenda Guest lecture: Tolga Acar, Distributed Key Management and

Winter 2011 Josh Benaloh Brian LaMacchia Agenda Guest lecture: Tolga Acar, Distributed Key Management and Cryptographic Agility Hardware crypto tokens Smart cards TPMs (v1.2 &amp; .Next) tokens for PCs

676 views • 43 slides
Brian LaMacchia Agenda Integrity Checking (HMAC redux) Protocols (Part 1 Session-based

Brian LaMacchia Agenda Integrity Checking (HMAC redux) Protocols (Part 1 Session-based

Winter 2011 Josh Benaloh Brian LaMacchia Agenda Integrity Checking (HMAC redux) Protocols (Part 1 Session-based protocols) Introduction Kerberos SSL/TLS Certificates and Public Key Infrastructure (PKI) Certificates

1.81k views • 135 slides
Supersingular Isogeny Key Encapsulation Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca

Supersingular Isogeny Key Encapsulation Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca

Supersingular Isogeny Key Encapsulation Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Joost Renes, Vladimir Soukharev November 14 ECC 2017 Nijmegen,

769 views • 75 slides
Todays agenda Brian Reed Water, Engineering and Development Centre Todays agenda

Todays agenda Brian Reed Water, Engineering and Development Centre Todays agenda

Todays agenda Brian Reed Water, Engineering and Development Centre Todays agenda Institutional policy and Evaluation strategy Initial Validation study Analysis Delivery Design Knowledge EKIMEEZA International WATER

871 views • 44 slides
2018 SMALL BEGINNINGS BIG VISION AGENDA Brian Joffe - CEO Welcome and introduction Peter

2018 SMALL BEGINNINGS BIG VISION AGENDA Brian Joffe - CEO Welcome and introduction Peter

LONG4LIFE LIMITED RESULTS PRESENTATION PERIOD ENDED 28 FEBRUARY 2018 SMALL BEGINNINGS BIG VISION AGENDA Brian Joffe - CEO Welcome and introduction Peter Riskowitz - CFO Results overview Brian Joffe - CEO Progress The future

590 views • 28 slides
PRESENTATION 2019 AGENDA Brian Joffe Group CEO Overview and year in review

PRESENTATION 2019 AGENDA Brian Joffe Group CEO Overview and year in review

Long4Life Limited ANNUAL RESULTS PRESENTATION 2019 AGENDA Brian Joffe Group CEO Overview and year in review Mireille Levenstein CFO Financial analysis Brian Joffe Group CEO Operational analysis - Sport and

629 views • 43 slides
Smoke in Urban Areas FEMTC 2016 Nov 16-18 2016 Brian Lee Brian.lee@snclavalin.com

Smoke in Urban Areas FEMTC 2016 Nov 16-18 2016 Brian Lee Brian.lee@snclavalin.com

Smoke Dispersion Modelling of Exhausted Tunnel Fire Smoke in Urban Areas FEMTC 2016 Nov 16-18 2016 Brian Lee Brian.lee@snclavalin.com Vancouver, Canada Tunnel Ventilation Engineer Agenda TVS Overview SDA Modelling

514 views • 27 slides
and Customization Brian Laird, Implementation Manager OmniUpdate Agenda Background: OU

and Customization Brian Laird, Implementation Manager OmniUpdate Agenda Background: OU

Page Template Creation and Customization Brian Laird, Implementation Manager OmniUpdate Agenda Background: OU Campus as a System What is a template? Page Tagging for Editable Regions New Page Forms Agenda

636 views • 50 slides
OUR FIRST SIX MONTHS A GOOD BEGINNING Presented by Brian Joffe, CEO AGENDA Introducing

OUR FIRST SIX MONTHS A GOOD BEGINNING Presented by Brian Joffe, CEO AGENDA Introducing

OUR FIRST SIX MONTHS A GOOD BEGINNING Presented by Brian Joffe, CEO AGENDA Introducing Long4Life JSE Listing Business philosophy Asset ownership criteria Preferred business sectors Progress so far on acquiring assets Sorbet, Holdsport

436 views • 17 slides
May 10, 2013 Samira Monshi Seungwon Noh Wilfredo Rodezno Brian Skelly Agenda Project

May 10, 2013 Samira Monshi Seungwon Noh Wilfredo Rodezno Brian Skelly Agenda Project

May 10, 2013 Samira Monshi Seungwon Noh Wilfredo Rodezno Brian Skelly Agenda Project Overview Background on Alternative Jet Fuel Problem Description and Scope Technical Approach Analysis and Results Conclusion,

751 views • 44 slides
IT SECURITY FOR LIBRARIES PART 1: SECURING YOUR LIBRARY BRIAN PICHMAN | EVOLVE PROJECT AGENDA

IT SECURITY FOR LIBRARIES PART 1: SECURING YOUR LIBRARY BRIAN PICHMAN | EVOLVE PROJECT AGENDA

IT SECURITY FOR LIBRARIES PART 1: SECURING YOUR LIBRARY BRIAN PICHMAN | EVOLVE PROJECT AGENDA A high level overview of what to implement in your library to make it secure. With the rise of data breaches, identity theft, malicious hacking,

1.03k views • 49 slides
AntiPhish Project Presentation Brian Witten December 2006 December 18 th 2006 Agenda Agenda 1.

AntiPhish Project Presentation Brian Witten December 2006 December 18 th 2006 Agenda Agenda 1.

AntiPhish Project Presentation Brian Witten December 2006 December 18 th 2006 Agenda Agenda 1. Work Package 2 Requirements and Specification 2. Work Package 1 Data Generation and Dissemination 3. Work Package 5 Message

582 views • 18 slides
mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat

mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat

mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat Agenda Who is Brian Stansberry? Principal Software Engineer at Red Hat Technical Lead for JBoss Application Server Clustering Part of

528 views • 18 slides
Gaston-Cleveland-Lincoln MPO CTP Meeting Brian Wert, P.E. December 10, 2014 Agenda Project

Gaston-Cleveland-Lincoln MPO CTP Meeting Brian Wert, P.E. December 10, 2014 Agenda Project

Gaston-Cleveland-Lincoln MPO CTP Meeting Brian Wert, P.E. December 10, 2014 Agenda Project progress to date STIP review Survey analysis Vision statement implications Alternatives analysis preparation Next steps

235 views • 21 slides
Support for a Children and Families Agenda January 24, 2016 Celinda Lake Brian Nienaber Lake

Support for a Children and Families Agenda January 24, 2016 Celinda Lake Brian Nienaber Lake

Support for a Children and Families Agenda January 24, 2016 Celinda Lake Brian Nienaber Lake Research Partners Washington, DC | Berkeley, CA | New York, NY LakeResearch.com 202.776.9066 Methodology Election Eve Omnibus Survey Lake

298 views • 27 slides
FY20 Half Year results 10 December 2019 26 weeks ended 27 October 2019 Agenda CEO update Brian

FY20 Half Year results 10 December 2019 26 weeks ended 27 October 2019 Agenda CEO update Brian

FY20 Half Year results 10 December 2019 26 weeks ended 27 October 2019 Agenda CEO update Brian Duffy, CEO FY20 H1 financial results and FY20 full year outlook Anders Romberg, CFO Operational review, summary and outlook Brian Duffy, CEO

1.15k views • 73 slides
145 808 Extraordinary people Proudly Bidvest www.bidvest.com Agenda 1 Overview Brian Joffe

145 808 Extraordinary people Proudly Bidvest www.bidvest.com Agenda 1 Overview Brian Joffe

The Bidvest Group Limited Financial Results for the half-year ended December 31 2014 145 808 Extraordinary people Proudly Bidvest www.bidvest.com Agenda 1 Overview Brian Joffe Group CE 2 Bidvest Financials David Cleasby Group FD

591 views • 35 slides
INVESTOR DAY January 10, 2019 - Calgary AGENDA Timeline Item Presenters Brian Newmarch 9:00

INVESTOR DAY January 10, 2019 - Calgary AGENDA Timeline Item Presenters Brian Newmarch 9:00

TSX: VII INVESTOR DAY January 10, 2019 - Calgary AGENDA Timeline Item Presenters Brian Newmarch 9:00 am Introduction VP Capital Markets Marty Proctor 9:05 am Strategy Chief Executive Officer Derek Aylesworth 9:25 am 2019 Capital

802 views • 66 slides
TETRA to 2035 and beyond Dave Chater Lea J eppe J epsen Brian M urgatroyd Agenda

TETRA to 2035 and beyond Dave Chater Lea J eppe J epsen Brian M urgatroyd Agenda

TETRA to 2035 and beyond Dave Chater Lea J eppe J epsen Brian M urgatroyd Agenda Introduction to TETRA success M arketing overview Interoperability testing TETRA standard overview Ongoing development of the

1.05k views • 24 slides
Brought to you by coloradosprings.js Presented by Brian Parks Who am I? Brian Parks

Brought to you by coloradosprings.js Presented by Brian Parks Who am I? Brian Parks

Brought to you by coloradosprings.js Presented by Brian Parks Who am I? Brian Parks Founder and CEO of Synapse Software (synapsesoftware.com) From C to PHP and .NET Javascript is awesome! http://slidesha.re/1jCKMMD What

432 views • 13 slides
Financial results for the half year ended December 31 2016 Agenda Brian Joffe, Executive

Financial results for the half year ended December 31 2016 Agenda Brian Joffe, Executive

A leading Foodservice group trading across five continents in over 30 countries Financial results for the half year ended December 31 2016 Agenda Brian Joffe, Executive Chairman Introduction Bernard Berson, CEO Strategy and Trading David

721 views • 34 slides
Linux IP Masquerading Brian Vargyas XNet Information Systems 1 Agenda What is IP Masquerade

Linux IP Masquerading Brian Vargyas XNet Information Systems 1 Agenda What is IP Masquerade

Linux IP Masquerading Brian Vargyas XNet Information Systems 1 Agenda What is IP Masquerade How does it work Example Setting Up IP Masquerade References 2 What not to expect Teaching you how to set up Redhat Linux 5.1

483 views • 21 slides
Addressing Technology Barriers Blurring the Lines Between IT and Simulation Brian Florek, MS

Addressing Technology Barriers Blurring the Lines Between IT and Simulation Brian Florek, MS

Addressing Technology Barriers Blurring the Lines Between IT and Simulation Brian Florek, MS EMT-P May 2018 brian@ssemse.net Disclosures Brian Florek not an employee of or affiliated with Laerdal Medical Corporation Brian Florek

806 views • 62 slides
Clavet Composite School Secondary Curriculum Presentation Agenda Secondary Courses Mr. Brian

Clavet Composite School Secondary Curriculum Presentation Agenda Secondary Courses Mr. Brian

to Clavet Composite School Secondary Curriculum Presentation Agenda Secondary Courses Mr. Brian Matisz Graduation Requirements Provincial math pathways Secondary Courses offered at Clavet and Prerequisites Resources

1.1k views • 65 slides

More recommend