Internet & Web Security. Syrian Virtual University, MWS/MWT AWS Course 2013-2014. Prof. Dr. Moutasem Shafa’amry


  • Slide 1
  • Lecture 3: PKI & Digital Certificate
  • Slide 2
  • Outlines. Course outlines Cryptography Digital Signature Digital Certificate : HTTP, SMTP, FTP, SSL, TLS, HTTPS, PGP : Cross-Site Request Forgery (CSRF), SQL injection, etc. Computers Ethics Introduction to cryptography The need for crypto systems Symmetric & Asymmetric PKI & Digital Signature Computer Networks attacks Security Protocols Types of Web Applications Attacks Detection and prevention Security Standards Security and Risk management Practical Issues Project. SVU-AWS/WIS Course
  • Slide 3
  • Public Key Infrastructure and Applications. PKI Overview: Digital Signatures (What is it? How does it work?); Digital Certificates; Public Key Infrastructure; PKI Components; Policies; Smart Cards; Email signing S/MIME
  • Slide 4
  • What's the problem? Information over the Internet is Free, Available, Unencrypted, and Untrusted. Not desirable for many Applications: Electronic Commerce, Software Products, Financial Services, Corporate Data, Healthcare, Subscriptions, Legal Information
  • Slide 5
  • Multiple Security Issues: Privacy (Secrecy), Integrity, Authentication, Non-repudiation; Interception, Spoofing, Modification, Proof of parties involved
  • Slide 6
  • Security Algorithms. Symmetric Algorithms: Triple-DES, DES, CAST, RC2, IDEA. Public Key Algorithms: RSA, DSA, Diffie-Hellman, Elliptic Curve. Hashing Algorithms: SHA-1, MD5, RIPEMD
  • Slide 7
  • Symmetric Key Encryption: If anyone's key is compromised, all keys need to be replaced. Not practical or cost effective for Internet environments.
  • Slide 8
  • Public Key Cryptography. [Figure labels: Original Document, Public, Encryption, Encrypted Document, Private, Decryption, Original Document; Sender, Receiver] Public-Key Cryptography is an encryption scheme that uses mathematically related but not identical keys. Each user has a key pair (public key/private key). Information encrypted with the public key can only be decrypted using the private key.
  • Slide 9
  • What is a Digital Signature? A Digital Signature is the result of encrypting the Hash of the data to be exchanged. A Hash (or Message Digest) is the process of mathematically reducing a data stream down to a fixed length field. The Hash uniquely represents the original data. The probability of producing the same Hash with two sets of different data is