Facilities for Secure Communication - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Facilities for Secure Communication

Description:

anybody in the group can eavesdrop to any body else's communication. Issues in Internet Security ... A public key, that anybody may know ... – PowerPoint PPT presentation

Number of Views:136
Avg rating:3.0/5.0
Slides: 15
Provided by: busi232
Category:

less

Transcript and Presenter's Notes

Title: Facilities for Secure Communication


1
Facilities for Secure Communication

2
The Internet is insecure
  • The Internet is a shared collection of networks.
  • Unfortunately, that makes it insecure
  • An example
  • Cable modems use TV wiring to deliver high-speed
    Internet services to customers
  • Groups of customers share the same bandwidth
  • ? anybody in the group can eavesdrop to any body
    elses communication

3
Issues in Internet Security
  • Privacy messages should be read only by the
    sender and the intended destination
  • Ex1. If you send your credit card number, you
    would like to know that only the receiver can
    read the message.
  • Ex2. If you send digital merchandise, like an
    e-ticket, you would like that only the party that
    paid for it could use it.
  • Authenticity be sure who the communicating
    party is
  • Ex1. Who is the sender of an e-mail?
  • Ex2. Is this web page really set up by Columbia?

4
Issues in Internet security (cont.)
  • Data integrity a message should arrive at the
    destination exactly as it was sent
  • Ex one can steal merchandise simply by changing
    the delivery address
  • Solution encryption

5
Encryption methods
  • Have a code for each symbol
  • The communicating parties share the code
  • Ex p stands for w, o for a, and t for r. What
    does pot stand for?
  • Widely used starting with ancient Rome
  • Problem easy to break if computers are used to
    break the code.

6
Secret key cryptography
  • Secret key
  • Based on the previous idea, but uses
    sophisticated mathematical procedures to encrypt
    and to decrypt
  • If M is a message, and K is a secret key then
  • Mdecrypt(K,encrypt(K,M))
  • Advantage encrypt, decrypt are (relatively)
    efficient functions

7
Secret Key Cryptography (cont.)
Vacation is coming!!

Alice
_at_1!3
Bob
_at_1!3
Vacation is coming!!
8
Problems with secret keycryptography
  • Deployment all communicating parties have to
    know the key.
  • How can they take hold of it? Obviously, not by
    sending an message via the Internet.
  • Large number of keys a dedicated key is needed
    for each set of communicating parties
  • Cannot be used for signing
  • when receiving an encrypted message one cannot be
    sure who is the sender---might be anybody who
    knows the secret key

9
A Breakthrough Public Key Cryptography
  • Discovered in the 70s by Diffie and Hellman
  • A person (principal) has two keys
  • A private key, that he keeps secret
  • A public key, that anybody may know
  • Property a message encrypted with one of the
    keys can be decrypted with the other

10
Public Key Cryptography (cont.)
  • Sending an authentic message. (Also called a
    signed message.)

Alice
_at_1!3
Vacation is coming !!
secret
public
Bob
Vacation is coming !!
_at_1!3
Alices public key
11
Public Key Cryptography (cont.)
  • Sending a confidential message

Alice
Indeed!
1
secret
public
1
Indeed!
Alices public key
12
Encrypting with public/private keys
  • To achieve privacy
  • If A wants to send a message to B that only B can
    read, A encrypts the message with Bs public key
  • A sends Mencrypt(pubB ,M)
  • B decrypt(privB ,M)
  • To prove authenticity (signing)
  • If A wants to send to B a message and wants to
    prove that it is authentic
  • A encrypts the message with its private key
  • A sends Mencrypt(privA ,M)
  • B decrypts the message with As public key
  • B recovers Mdecrypt(pubA ,M)
  • How about data integrity?

13
Public key cryptography
  • Advantages
  • Provide for privacy, authenticity and integrity
  • May be used to distribute secret keys
  • The price to pay
  • Encryption and decryption takes considerably
    longer to perform than for secret key
    cryptography.

14
But
  • No method (public or secret cryptography)
    guarantees absolute security
  • If a third party uses enough computers, enough
    time it will be able to break the code
  • However, the time required to break the code is
    (believed to be) sufficiently long as to make the
    network reasonably secure.
Write a Comment
User Comments (0)
About PowerShow.com