Module 18 Network Security I Cryptography - PowerPoint PPT Presentation

1 / 49
About This Presentation
Title:

Module 18 Network Security I Cryptography

Description:

Information transmitted over the network is not secure ... Blowfish has 8*32-bit S-boxes. 26. 27. 3. Conventional Encryption - Example: S-DES Key Generation ... – PowerPoint PPT presentation

Number of Views:237
Avg rating:3.0/5.0
Slides: 50
Provided by: ling95
Category:

less

Transcript and Presenter's Notes

Title: Module 18 Network Security I Cryptography


1
Module 18Network Security ICryptography
2
  • Textbook sections
  • LG 11.1 Security and Cryptographic Algorithms
  • LG 11.3 Cryptographic Algorithms
  • Topics
  • Security Attacks
  • Security Requirements
  • Conventional Encryption
  • Model of Conventional Cryptography
  • Simplified DES
  • Mathematical Operations
  • Example S-DES
  • Public-key Cryptography
  • Overview
  • RSA Algorithm
  • Encryption
  • Digital Signature
  • Message Digest

3
LG Figure 11.1Network security threats- Part 1
4
LG Figure 11.1 Network security threats- Part 2
5
1. Security Attacks
  • Threats
  • Eavesdropping
  • Information transmitted over the network is not
    secure and can be observed and recorded by
    eavesdroppers. This information can be replayed
    I attempts to access the server
  • Client imposter
  • Imposters can attempt to gain unauthorized access
    to a server, for example, a bank account or a
    database of personal records
  • Denial of service
  • An attacker can also flood a server with
    requests, overloading the server resources and
    resulting in a denial of service to legitimate
    clients
  • Server imposter
  • An imposter can impersonate a legitimate server
    and gain sensitive information from a client, for
    example, a bank account number and associated
    user password
  • Man in the middle
  • An imposter managers to place itself as the man
    in the middle, convincing the server that it is
    the legitimate client and the legitimate client
    that it is the legitimate server

6
1. Security Attacks
  • Most networks have been designed to prevent
    external attacks firewalls, intrusion detection,
    system and access controls
  • Trusted insider threats
  • Who
  • Disgruntled employee
  • Financially distressed employee
  • Emotionally distressed employee
  • Threats
  • Intend to cause damage
  • Know where valued resources are located
  • Know how to enter the system
  • Damage
  • Statistics show that more than 2/3 of computer
    security incidents (both government and
    commercial) resulted from the activities of
    authorized users.
  • Monitoring
  • History logs of network connections including web
    addresses visited.
  • Traffic logs of connection types such as
    e-mail,web, FTP, etc.
  • Keystroke monitoring (Usually used only when
    hostile activities or inappropriate behavior is
    suspected.)

7
1. Security Attacks
  • Malicious code
  • Worm
  • A worm is an independent program that spreads
    through network connections and may consume
    computing resources but does not attach itself to
    other programs.
  • Bomb
  • A logic bomb detonates (executes) when a certain
    condition is met. A time bomb detonates
    (executes) at a pre-determined time.
  • Virus
  • A virus is a hidden self-replicating section of
    software that spreads by infecting (that is,
    attaching itself to ) and becoming part of
    another program. They can spread via the
    Internet or through removable media such as
    floppy disks or CDs.
  • Trojan Horse
  • An application that performs one function but
    contains a hidden malicious function.
  • Back doors/Trapdoor
  • They permit access to system resources without
    using required security mechanisms such as user
    logon.

8
2. Security Requirements
Information Protection Requirements The A-I-C
Triad
Availability
Integrity
Confidentiality
9
2. Security Requirements
  • Availability
  • Availability means that information is there when
    you need it. A system, or information contained
    in a system is usable by an authorized user
    according to the systems designed performance
    specifications.
  • Integrity
  • Integrity assumes that information has not been
    changed, altered, or destroyed in an unauthorized
    manner.
  • Confidentiality
  • Confidentiality ensures that only authorized
    people or processes are able to access the
    information

10
2. Security Requirements
  • Authenticity
  • It is possible to verity that the sender or
    receiver is who he or she claims to be
  • Example Bank ability to prove that it is in
    fact you requesting the transfer
  • Non-repudiation
  • The sender cannot deny having sent a given
    message
  • Example If you request that 100 be transferred
    to pay a bill, you cannot, at later date, deny
    having authorized the transfer
  • Control Access
  • Need a method of granting access to private or
    secret data to those who require it.

11
2. Security Requirements - IT Security Domains
  • Ten domains of information technology (IT)
    security
  • Security architecture and models
  • Physical security
  • Access control systems and methodology
  • Cryptography
  • Telecommunications and network security
  • Applications and systems development security
  • Operations security
  • Security management practices
  • Business continuity planning and disaster
    recovery planning
  • Law, investigation, and ethics.

12
2. Security Requirements - IT Security Domains
  • 1. Security Architecture and Models
  • This domain contains the concepts, principles,
    structures, and standards used to design,
    implement, monitor, and secure operating systems,
    equipment, networks, applications, and those
    controls used to enforce various levels of
    confidentiality, integrity, and availability.
  • 2. Physical Security
  • This domain addresses the threats,
    vulnerabilities, and countermeasures utilized to
    physically protected an enterprises resources
    and sensitive information. These resources
    include people, the facility in which they work,
    and the data equipment, support systems, media,
    and supplies they utilize.

13
2. Security Requirements - IT Security Domains
  • 3. Access Control Systems and Methodology
  • Access control is the collection of mechanisms
    for limiting, controlling, and monitoring system
    access to certain items of information or to
    certain features based on a users identity and
    membership in various predefined group. It
    permits the managers of a system to exercise a
    directing or restraining influence on the
    behavior use, and content of the system for
    availability, integrity, and confidentiality.
  • 4. Cryptography
  • This domain addresses the principles, means, and
    methods of securing information to ensure its
    integrity, confidentiality, and authenticity.

14
2. Security Requirements - IT Security Domains
  • 5. Telecommunications and network security
  • This domain includes the structures,
    transmission methods, transport formats, and
    security measures used to provide integrity,
    availability, and authentication, as well as
    confidentiality for transmissions over private
    and public communications networks.
  • 6. Applications and systems development security
  • This domain refers to controls included with
    system software and applications software and the
    steps used in their development. Applications
    include agents, applets, software, databases,
    data warehouses, and knowledge-based systems.
    These application may be used in distributed or
    centralized environments.

15
2. Security Requirements - IT Security Domains
  • 7. Operations security
  • Operation security is used to identify the
    controls over hardware, media, and operators with
    access privileges to any of these resources.
    Audit and monitoring are the mechanism, tools,
    and facilities that permit the identification of
    security events and subsequent actions to
    identify key elements and reports the pertinent
    information to the appropriate individuals,
    group, or process.
  • 8. Security management practices
  • Security management entails the identification
    of an organizations information assets and the
    development, documentation, and implementation of
    policies, standards, procedures, and guidelines
    that ensure confidentiality, integrity, and
    availability. Management tools such as data
    classification, risk assessment, and risk
    analysis are used to identify threats, classify
    assets, and to rate vulnerabilities so that
    effective security controls can be implemented.

16
2. Security Requirements - IT Security Domains
  • 9. Business continuity planning and disaster
    recovery planning
  • This domain addresses the preservation of the
    business in the face of major disruptions to
    normal business operations. BCP and DRP involves
    the preparation, testing, and updating of
    specific actions to protect critical business
    processes from the effect of major systems and
    network failures.
  • 10.Law, investigation, and ethics
  • This domain addresses computer crime laws and
    regulations, the investigative measures and
    techniques used to determine if a crime has been
    committed and methods to gather evidence if it
    has and the ethical constraints that provide a
    code of conduct for the security professional.

17
2. Security Requirements - Key Terms
  • Cryptology
  • The study of secure communications, which
    encompasses both cryptography and cryptanalysis
  • Cryptography
  • The branch of cryptology dealing with the design
    of algorithms for encryption and decryption,
    intended to ensure the secrecy and/or
    authenticity of messages
  • Cryptanalysis
  • The branch of cryptology dealing with the
    breaking of a cipher to recover information, or
    forging encrypted information that will be
    accepted as authentic
  • Encryption
  • The conversion of plaintext or data into
    unintelligible form by means of a reversible
    translation, based on a translation table or
    algorithm. Also called enciphering.

18
2. Security Requirements - Key Terms
  • Decryption
  • The translation of encrypted text or data (called
    ciphertext) into original text or data (called
    plaintext). Also called deciphering.
  • Cipher
  • An algorithm for encryption and decryption. A
    cipher replaces a piece of information (an
    element in plaintext) with another object, with
    the intent to conceal meaning. Typically, the
    replacement rule is governed by a secret key.
  • Plaintext
  • The input to an encryption function or the output
    of a decryption function
  • Ciphertext
  • The output of an encryption algorithm the
    encrypted form of a message or data.

19
2. Security Requirements - Key Terms
  • Symmetric encryption
  • A form of cryptosystem in which encryption and
    decryption are performed using the same key
    (secret key). Also known as conventional
    encryption.
  • Asymmetric encryption
  • A form of cryptosystem in which encryption and
    decryption are performed using two different
    keys, one of which is referred to as the public
    key and one of which is referred to as the
    private key. Also known as public-key
    encryption.
  • Private Key
  • One of the two keys used in an asymmetric
    encryption system. For secure communication, the
    private key should only be known to its creator.
  • Public Key
  • One of the two keys used in an asymmetric
    encryption system. The public key is made
    public, to be used in conjunction with a
    corresponding private key.

20
(No Transcript)
21
3. Conventional Encryption - Model of
Conventional Cryptography
  • Encryption
  • Y EK(X)
  • Y is produced by using encryption algorithm E as
    a function of the plaintext X, with the specific
    function determined by the value of the key K
  • Plaintext X X1,X2,...,XN. Typically, each
    element of X belongs to the space 0,1
  • Ciphertext Y Y1,Y2,...,YN. Typically, each
    element of Y belongs to the space 0,1
  • Decryption
  • X DK(Y)

22
3. Conventional Encryption - Simplified DES
  • Data Encryption Standard (DES)
  • Designed by IBM and adopted by the U.S.
    government as the standard encryption method for
    nonmilitary and non-classified use.
  • Standardized by ANSI in 1981 as ANSI X.3.92
  • Was a widely used method of providing secure
    connections through data encryption until it was
    broken in July 1998.
  • Encrypts a 64-bit plaintext using a 56-bit key.
    The text is put through 19 different and very
    complex procedures to create a 64-bit ciphertext.
  • Simplified DES
  • Simplified version of DES to enhance
    understanding of DES
  • A teaching tool
  • Major components
  • Plaintext
  • Ciphertext
  • Key
  • Encryption algorithm
  • Decryption algorithm

23
Encryption (ciphertext generation)
ciphertext IP-1(fk(SW(fk(IP(plaintext)))))
Subkey 1 generation K1 P8(Shift(P10(key)))
Subkey 2 generation K2 P8(Shift(Shift(P10(key))
))
Decryption (plaintext generation) plaintext
IP-1(fk(SW(fk(IP(ciphertext)))))
Note fk is a complex function which
involves Both permutation, substitution, and key
input.
24
3. Conventional Encryption - Mathematical
Operations
  • Exclusive OR
  • Switch function
  • Shift operation
  • Example
  • Circular left shift (LS-1)
  • Define LS-1(k1,k2,k3,k4,k5,k6,k7,k8,k9,k10)
    (k2,k3,k4,k5,k6,k7,k8,k9,k10,k1) then
  • LS-1(1,0,0,0,0,0,1,1,0,0) (0,0,0,0,0,1,1,0,0,1)
  • Permutation (P-Box)
  • Can be viewed as an mapping or transportation
  • Example
  • Define P10(k1,k2,k3,k4,k5,k6,k7,k8,k9,k10)
    (k3,k5,k2,k7,k4,k10,k1,k9,k8,k6)
  • then P10(1,0,1,00,0,0,0,0,1,0)
    (1,0,0,0,0,0,1,1,0,0)
  • Define P8(k1,k2,k3,k4,k5,k6,k7,k8,k9,k10)
    (k6,k3,k7,k4,k8,k5,k10,k9)
  • then P8(0,0,0,0,1,1,1,0,0,0) (1,0,1,0,0,1,0,0)

25
3. Conventional Encryption - Mathematical
Operations
  • Substitution S-boxes
  • An S-box is simply a substitution a mapping of
    m-bits inputs to n-bit outputs.
  • An S-box with an m-bit inputs and n-bit outputs
    is called a mn-bit S-box
  • S-boxes are generally the only nonlinear step in
    an algorithm. They are what give a block cipher
    its security. In general, the bigger they are,
    the better.
  • DES has eight different 64-bit S-boxes. Blowfish
    has 832-bit S-boxes.

26
(No Transcript)
27
3. Conventional Encryption - Example S-DES Key
Generation
  • Step1 P10 operation
  • Given 10-bit key (10100 00010)
  • Given P10(k1,k2,k3,k4,k5,k6,k7,k8,k9,k10)
    (k3,k5,k2,k7,k4,k10,k1,k9,k8,k6)
  • The result is P10(10100 00010) (10000 01100)
  • Step 2 LS-1 (circular left shift one bit)
  • Perform LS-1 on the first five bits, and then
    perform LS-1 on the second five bits of the
    result of step1
  • The result is (00001 11000)
  • Step3 P8 operation
  • Given P8(k1,k2,k3,k4,k5,k6,k7,k8,k9,k10)
    (k6,k3,k7,k4,k8,k5,k10,k9)
  • The result is K1 P8(00001 11000) (1010 0100)
  • Step 4 LS-2 (circular left shift two bits)
  • Use the result of Step 2, which is (00001 11000)
  • Perform LS-2 on the first five bits, and then
    perform LS-2 on the second five bits of the
    result of step 2
  • The result is (00100 00011)
  • Step 5 P8 operation
  • Given P8(k1,k2,k3,k4,k5,k6,k7,k8,k9,k10)
    (k6,k3,k7,k4,k8,k5,k10,k9)
  • The result is K2 P8(00100 00011) (0100 0011)

28
(No Transcript)
29
3. Conventional Encryption - Example S-DES
Encryption Algorithm
  • Step1 Initial Permutation (IP) operation
  • Given IP(n1,n2,n3,n4,n5,n6,n7,n8)
    (n2,n6,n3,n1,n4,n8,n5,n7)
  • The result is IP(1111 0011) (1011 1101)
  • Step 2 Expansion /permutation (E/P) operation
  • Given E/P(n1,n2,n3,n4) (n4,n1,n2,n3,n2,n3,n4,n1)
  • The result is (1101 0111)
  • Step3 The usage of subkey K1
  • Given 8-bit subkey K1 (k11,k12,k13,k14,k15,k16,k
    17,k18)
  • (1010 0100) from previous page
  • Rearrange the result of E/P as
  • n4 n1 n2 n3
  • n2 n3 n4 n1
  • XOR the above result and K1 as follows
  • n4 XOR k11 n1 XOR k12 n2 XOR k13 n3 XOR k14
  • n2 XOR k15 n3 XOR k16 n4 XOR k17 n1 XOR k18
  • Plug in numerical values
  • 1 XOR 1 1 XOR 0 0 XOR 1 1 XOR 0
  • 0 XOR 0 1 XOR 1 1 XOR 0 1 XOR 0
  • The result is

30
3. Conventional Encryption - Example S-DES
Encryption Algorithm
  • Step 4 The usage of S-box
  • Given
  • 0 1 2 3 0 1 2 3
  • 0 1 0 3 2 0
    0 1 2 3
  • S0 1 3 2 1 0 S1
    1 2 0 1 3
  • 2 0 2 1 3
    2 3 0 1 0
  • 3 3 1 3 2
    3 2 1 0 3
  • The S-boxes operates as follows The first and
    fourth inputs bits of p are treated as 2-bit
    numbers that specify a row of the S-box, and the
    second and third input bits of p specify a column
    of the S-box.
  • For example, if (p00p03) (00) and (p01p02)
    (10), then the output is from row 0, column 2 of
    S0, which is 3, or (11) in binary.
  • The first four bits of p are fed into S0 to
    produce a 2-bit output, s1 and s2, and the
    remaining 4 bits (second row) are fed into S1 to
    produce another 2-bit output s3 and s4.
    Therefore, (s1,s2,s3,s4) (0,0,0,0)

31
3. Conventional Encryption - Example S-DES
Encryption Algorithm
  • Step 5P4 operation
  • A P4 operation will be performed on the four
    bits,(s1,s2,s3,s4), calculated from step 4
  • P4(s1,s2,s3,s4) (s2,s4,s3,s1)
  • Switch operation
  • The function fk only alter the leftmost bits of
    the plaintext. The switch operation interchanges
    the left and right 4 bits so that the second
    instance of fk operates on a different 4 bits.
    In this second instance, the E/P, S0,S1, and P4
    functions are the same However, the subkey used
    is K2
  • Step 6 Final IP-1 operation
  • Given IP-1(k1,k2,k3,k4,k5,k6,k7,k8)
    (k4,k1,k3,k5,k7,k2,k8,k6)
  • Note IP-1is the inverse of IP specified in Step 1

32
4. Public-key Cryptography - Overview
  • Public key encryption An encryption technique
    that generate encryption keys in pairs. One of
    the pair must be kept secret, and one is
    published.
  • Publicly revealing an encryption key does not
    thereby reveal the corresponding decryption key.
  • Couriers or other secure means are not needed to
    transmit keys, since a message can be enciphered
    using an encryption key publicly revealed by the
    intended recipient. Only the intended recipient
    can decipher the message, since only he knows the
    corresponding decryption key.

33
4. Public-key Cryptography
The use of public-key cryptography in encryption
Corresponding keys
The use of public-key cryptography in digital
signatures
34
4. Public-key Cryptography - Overview
  • The security of Public Key Cryptography is based
    on the difficulty of solving hard problems.
  • For example, many public key algorithms base
    their security of the difficulty of factoring the
    product of very large prime numbers (a number
    whos only factors are one and itself). Although
    these algorithms present many interesting
    possibilities, they are quite slow when compared
    to symmetric algorithms.
  • Not all public key algorithms are designed to
    perform the same functions
  • Some algorithms are designed to do encryption
  • Some algorithms are designed to perform key
    exchange
  • Some algorithms are designed to perform digital
    signature
  • Some algorithms are designed to perform all three
    functions

35
4. Public-key Cryptography - RSA Algorithm
  • RSA algorithm
  • Named after its inventors, Rivest, Shamir, and
    Adleman
  • A widely accepted scheme for public cryptography
  • It involves different keys for encryption (public
    key) and decryption (private key).
  • A public/private pair is required when two
    participants want to encrypt data they are
    sending to each other using a public key
    algorithms like RSA.
  • It does not work to encrypt with your private key
    and let the other side decrypt with the public
    key because everyone has access to the public key
    and so could decrypt the message.
  • Participant A encrypts data it sends to
    participant B using Bs public key and B uses its
    private key to decrypt this data.
  • Similarly, Participant B encrypts data it sends
    to participant A using As public key and A uses
    its private key to decrypt this data.
  • RSA security is based on the premise that
    factoring large numbers is a computationally
    expensive proposition.

36
4. Public-key Cryptography - RSA Algorithm
  • Algorithm to generate public and private keys
  • Choose two large prime numbers p and q (larger
    than 512 bits)
  • n is set equal to the product of p and q
  • The plaintext P that is represented by a number
    must be less than n
  • Find a number e that is relatively prime to (p-1)
    (q-1)
  • Two numbers are said to be relatively prime if
    they have no common factors except 1
  • The public key consists of e, n.
  • Find a number d such that de (mod((p-1)
    (q-1))) 1
  • The private key consists of d,n.

37
4. Public-key Cryptography - RSA Algorithm
  • Algorithm to perform RSA encryption
  • Suppose that P is an integer that corresponds to
    a block of plaintext, then the corresponding
    ciphertext is generated as follows
  • C Pe(mod(n))
  • Algorithm to perform RSA decryption
  • P Cd(mod(n))

38
4. Public-key Cryptography - RSA Algorithm
  • Example Using RSA
  • Keys generation
  • Choose p 5 and q 11.
  • Therefore, n 55
  • Since (p-1)(q-1) 40, a value of e 7 is valid
  • The public key consists of 7,55
  • To satisfy 7d(mod 40) 1, choose d 23.
  • The public key consists of 23,55
  • Encryption of a message represented numerically
    as 18
  • C 187 mod 55 17
  • Decryption of the ciphertext
  • P 1723 mod 55 18

39
4. Public-key Cryptography - RSA Algorithm
  • The security of RSA
  • The number n and e are given publicly. If the
    recipient can calculate d, why not the snooper?
  • RSA algorithm starts with p and q to calculate n,
    e, and d. The snooper does not know p and q.
    The snooper needs to use n to first find p and q,
    and then guess d.
  • If p and q are large, it is extremely difficult
    to find its prime factors (p and q).

40
4. Public-key Cryptography - RSA Algorithm
  • There are two possible approaches to defeat the
    RSA algorithm
  • The first is the brute-force approach
  • Try all possible private keys.
  • Thus, the larger the number of bits in e and d,
    the more secure the algorithm.
  • However, because complex calculations are
    involved in key generation and in
    encryption/decryption, larger size of the key
    means the system will run slower.
  • Factoring n into its two prime factors
  • For a large n with large prime factors, factoring
    is a hard problem, but not as hard as it used to
    be

41
4. Public-key Cryptography - RSA Algorithm
  • Digital signature
  • An authentication mechanism that enables the
    creator of a message to attach a code that acts
    as a signature. The signature guarantees the
    source and integrity of the message.
  • Digital signature must be message-dependent and
    signer-dependent.
  • In network transaction, one can not presumably
    sign the request for withdrawal. One can ,
    however, create the equivalence of an electronic
    or digital signature by the way one send data.
  • Reciprocity of RSA algorithm
  • Section II of the RSA paper
  • DE(M) M . (1)
  • ED(M) M .. (2)
  • Where E stands for encryption which uses public
    key and D stands for decryption which uses
    private key

42
4. Public-key Cryptography - RSA Algorithm
  • Section VI signature of the RSA paper
  • How can a sender, say Bob, send a signed
    message M to a receiver, say Alice, using
    public-key cryptography?
  • The sender, Bob, has the following keys
    DB(private), EA (Public key)
  • The receiver, Alice, has the following keys
    DA(private key), EB (Public key)

43
4. Public-key Cryptography
The use of public-key cryptography in encryption
Corresponding keys
The use of public-key cryptography in digital
signatures
44
4. Public-key Cryptography
  • Point for Discussion Performance of RSA
    Algorithm
  • DES and MD5 are several orders of magnitude
    faster than RSA when implemented in software. For
    example, when run on an Alpha workstation, DES
    processes data at 36 Mbps, MD5 at 85 Mbps, and
    RSA at only 1 Kbps.
  • When implemented in hardware, by custom VLSI
    chips, it has been reported that DES and MD5 can
    achieve rate measured in the hundreds of Mbps,
    whereas RSA achieve a 64 Kbps.
  • Even when implemented in hardware, RSA is still
    too slow to be of any practical use in encrypting
    data message. Instead, RSA is typically used to
    encrypt very small amounts of data, such as a
    secret key or a secret number. Security
    protocols then used these RSA-protected secrets
    in conjunction with DES and MD5, to provide
    message privacy and integrity.

45
5. Message Digest (MD)
  • Methodology
  • The public key technology can be used to create a
    digital signature. However the main concern in
    signing data by encryption is that encryption and
    decryption are computationally expensive.
  • The message digest (MD) algorithm can be used if
    the needs are to ensure that
  • Requirement 1 The sender of the data is as
    claimed, that is, that the sender has signed the
    data and this signature can be checked.
  • Requirements 2 The transmitted data has not been
    changed since the sender created and signed the
    data.

46
5. Message Digest (MD)
  • Message digest algorithm
  • Take a message, m, of arbitrary length and
    computer a fixed-length fingerprint of the data
    known as a message digest, H(m). (The message
    digest protects the data in the sense that if m
    is changed to m, either maliciously or by
    accident, then H(m) computed for the original
    data and transmitted with that data, will not
    match the H(m) computer over the changed data,
    m. Thus, the second requirement is met by the
    message digest.
  • While the message digest provides for data
    integrity, the first requirement can be met by
    digitally signing the message digest.

47
5. Message Digest (MD)
  • Hash function
  • A message digest algorithm must have the
    following property
  • It is computationally infeasible to find any two
    different message x and y such that H(x) H(y).

Bobs long message, m, to Alice
Fixed-length message digest H(m)
Dear Alice This is a very long letter since
there is so much to say ... ... ... Bob
Opgmdvboijrtnsdgghppdogmlcbkb
Many-to-one hash function
48
Sending a digitally signed message
Bobs original long message to Alice
Many-to-one hash function
Fixed-length message digest
Encrypt the fixed-length message digest
Bobs private key
encrypted message digest
Combine the long message and the encrypted
message digest
Bobs digitally signed message to Alice
49
Verifying the integrity of a signed message
Message received by Alice
Extract Long message
Extract encrypted message digest
Long message, m
Signed message digest
Many-to-one hash function
decrypt the encrypted message digest
Bobs public key
Fixed-length message digest
Fixed-length message digest
Compare
Write a Comment
User Comments (0)
About PowerShow.com