Recap: Part 6 • Public key cryptosystem: a pair of keys – Public-key: meant for public, should be given out – Private-key: remains always secret – An operation performed by one key in the pair can be inversed only by the other key Encryption: e(M, k B ) = X Decryption: d(X, K B ) = M
Recap: Part 6 • One-way function: usage in achieving integrity H(M, k) = x and H(M, k) ≠ y Given x, k; it is impossible to find M
Recap: Part 6 • Digital Signature: A sequence of operations performed by a sender, such that the receiver of the message can be ensured with the following 3 security properties: – Message authentication – Message integrity – Message non-repudiation
Recap: Part 6 • Digital Signature: H(M) = x E(x, K A ) = M A Alice sends M and M A to Bob over insecure network Bob performs the following (Bob knows k A ): H(M) = x D(M A , k A ) = x
Exercise • We just saw composition of a digital signature that Alice performed on message M. The composition provided authentication, integrity, non-repudiation • What needs to be done in order to provide confidentiality to message M? • http://crypto.stackexchange.com/questions/5782 /why-is-asymmetric-cryptography-bad-for-huge- data
Sam acting as Trusted Third Party (TTP) (K PA K PB … ) Sam K PS K SS Alice Bob K PA K SA K PB K SB
Certification Authority (K PA K PB … ) Sam K PS K SS Alice Bob K PA K SA K PB K SB
Digital Certificate from a CA
Sam acting as TTP in NSSK Protocol (K AS K BS … ) Sam {N A }K AB Alice Bob {N A - 1}K AB K AS K BS
Diffie Hellman Key Exchange {N A }K AB Alice Bob {N A - 1}K AB K AS K BS
DHKE Protocol 1. Bob: comes up with 2 prime numbers g , p 2. Alice: pick a secret number a and compute g a mod p = A 3. Bob: pic a secret number b and compute g b mod p = B 4. Alice: B a mod p = (g b mod p) a mod p g ba mod p = K AB 5. Bob: A b mod p = (g a mod p) b mod p g ab mod p = K AB
Diffie Hellman Key Exchange {N A }K AB Alice Bob {N A - 1}K AB g, p, a g, p, b
Exercise (K PA K PB … ) Sam K PS K SS Alice Bob K PA , K SA , K PS , g, p, a K PB , K SB , K PS , g, p, b Alice wants to send a huge message M to Bob with the following properties: Authentication, integrity, non-repudiation, confidentiality Alice and Bob trust TTP Sam Symmetric key encryption is multiple orders cheaper than asymmetric key encryption List out the steps involved in transferring M from Alice to Bob
Recommend
More recommend
