1
Normal executable Infected executable
Sequence of
program instructions
Entry
Original program
Entry Jump
Replication and
payload
Viruses
2
Firewall
Bastion hosts
Internal hosts
Global Internet
Second firewall
Public hosts
Protected enclave
3
Communication Goals
• Remote authentication – Based on something you know
• Message confidentiality – Even if adversary eavesdrops
• Message integrity – Even if adversary intervenes
• Message non-repudiation – Even if sender changes her mind
4
Very complicated encryption algorithm
Message (bit string)
Encrypted message (bit string)
Key (bit string)
5
Locking key
(Identical) unlocking key
Message
Locking key
(Different) unlocking key
Symmetric lock and key
Asymmetric lock and key
6
Close and lock using sender’s locking key
Recipient opens using unlocking key
Put message in lockbox
Transport to recipient
Symmetric case
Asymmetric case
Locking and unlocking keys are different
7
0
n-1
P = plaintext
C = ciphertext
Encrypt
Decrypt
RSA asymmetric algorithm
$C = P^s \bmod n$
$P = C^t \bmod n$
$t$ cannot be computed from $(n, s)$ in reasonable time
8
Confidentiality
Bob must possess a secret not available to anyone else
Alice (sender) Bob (recipient)
9
Confidentiality (con’t)
Bob must possess a secret not available to anyone else
Alice (sender) Bob (recipient)
Alice must be able to transform the message so that only the person possessing that secret can read it
10
Confidentiality (con’t)
Bob must possess a secret not available to anyone else
Alice (sender) Bob (recipient)
Alice must be able to transform the message so that only the person possessing that secret can read it
or
Encrypt Decrypt
11
Where to do encryption
12
Non-repudiation
Alice (sender) Bob (recipient)
Alice must sign the message using a secret not revealed to anybody else
Bob must be able to verify the signature using public information
13
Authentication
Alice (sender) Bob (recipient)
Alice must possess a secret not available to anyone else
14
Authentication (con’t)
Alice (sender) Bob (recipient)
Alice must possess a secret not available to anyone else
Bob must be able to verify that Alice possesses that secret without Alice revealing it on the network or to Bob
15
Authentication (con’t)
Alice (sender) Bob (recipient)
Alice must possess a secret not available to anyone else
or Bob must be able to verify that Alice possesses that secret without Alice revealing it on the network (and possibly not to Bob)
Challenge
Response
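The challenge/response exchange from the authentication slides, in both variants, as an added example that is not part of the original deck: the asymmetric case uses textbook RSA in the RSA slide's notation (public (n, s), secret t), the symmetric case a keyed MAC under a secret Alice and Bob share. The toy primes, the SHA-256 hashing of the challenge and all function names are assumptions made here; unpadded RSA at this key size is for illustration only.

```python
import hashlib
import hmac
import secrets

# Toy RSA key in the slides' notation: (n, s) is public, t is Alice's secret.
# The primes are constructed sample values, far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1          # two known Mersenne primes
N = P * Q
S = 65537
T = pow(S, -1, (P - 1) * (Q - 1))    # modular inverse (Python 3.8+)


def new_challenge() -> bytes:
    """Bob: a fresh random challenge, never reused."""
    return secrets.token_bytes(16)


def _as_int(challenge: bytes) -> int:
    """Hash the challenge to an integer in the range 0 .. n-1."""
    return int.from_bytes(hashlib.sha256(challenge).digest(), "big") % N


def respond_asymmetric(challenge: bytes, t: int = T) -> int:
    """Alice: response = H(challenge)^t mod n; t never leaves Alice."""
    return pow(_as_int(challenge), t, N)


def verify_asymmetric(challenge: bytes, response: int) -> bool:
    """Bob: needs only public (n, s): response^s mod n == H(challenge)."""
    return pow(response, S, N) == _as_int(challenge)


def respond_symmetric(challenge: bytes, shared_key: bytes) -> bytes:
    """Alice: keyed MAC over the challenge; Bob holds the same key."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()


def verify_symmetric(challenge: bytes, response: bytes, shared_key: bytes) -> bool:
    """Bob: recompute the MAC and compare in constant time."""
    return hmac.compare_digest(response, respond_symmetric(challenge, shared_key))


if __name__ == "__main__":
    c1, c2 = new_challenge(), new_challenge()
    r1 = respond_asymmetric(c1)
    print("fresh response accepted:", verify_asymmetric(c1, r1))
    print("replayed response accepted:", verify_asymmetric(c2, r1))
```

Because the response is bound to Bob's fresh challenge, an eavesdropper who records one exchange cannot replay it against a later challenge.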
16
Digital certificate
(ID,public_key)
Encrypted with CA private_key
CA_ID
Certificate authority (CA) certifies (ID,key) binding
17
18
Bob Alice
CA
Alice convinces CA of her identity
Alice provides Bob with a replica of her digital certificate, which provides and certifies Alice’s public key
CA gives digital certificate and secret key to Alice
Bob verifies CA signature using CA public key
19
Certificate authority
Bank’s certificate issued by CA
Merchant’s certificate issued by bank
Verify signature
Authority’s known public key
Bank’s public key
Verify signature
Merchant’s public key
Chain of trust
20
CA
Seller (server)
Customer (client)
Trusting CA public key, client can obtain authenticated public key of a seller
Consumer electronic commerce
21
Seller (server)
Customer (client)
Client can generate a random, secret “session key” and send confidentially to server
Client can authenticate server using challenge response protocol
22
Seller (server)
Customer (client)
Client and server can communicate confidentially