brian lamacchia agenda
play

Brian LaMacchia Agenda Guest lecture: Christian Rechberger, KU - PowerPoint PPT Presentation

Oct 24, 2023 •222 likes •984 views

Winter 2011 Josh Benaloh Brian LaMacchia Agenda Guest lecture: Christian Rechberger, KU Leuven Towards SHA-3 Message-based protocols S/MIME XMLDSIG & XMLENC IPsec (depending on time) Design Charrette Part II

  1. Winter 2011 Josh Benaloh Brian LaMacchia

  2. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 2

  3. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 3

  4. Message-Based Protocols  “Session” vs. “Message”  Synchronous vs. Asynchronous  In message-based protocols, we cannot assume we have the luxury of being able to negotiate ciphersuites, parameter values, etc.  In the common scenario, each message is a “fire -and- forget” communication  Each message has to contain enough information to allow the recipient to decrypt it. February 10, 2011 Practical Aspects of Modern Cryptography 4

  5. Message-Based Protocols  There are lots of message-based protocols  Examples: RPC, routing table updates  The most common scenario to date, though, is e-mail  Digitally signed for sender authentication and integrity protection  Encrypted for confidentiality February 10, 2011 Practical Aspects of Modern Cryptography 5

  6. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 6

  7. S/MIME  Secure Multipurpose Internet Mail Extensions  Initially designed by RSA-led vendor consortium in 1995  S/MIME messaging and S/MIME certificate handling are Internet RFC’s  Widely supported format for secure e-mail messages  Uses X.509v3 certificates February 10, 2011 Practical Aspects of Modern Cryptography 7

  8. Scenario Assumptions  Each participant has two public-private key pairs: one for signing messages and one for receiving encrypted messages from others  “Separation of duty” – separate keys (with separate controls) for separate uses  Encryption key archival/escrow/recovery  For now, we assume key distribution isn’t a problem for participants  If I want to send you a message, I can obtain a copy of your encryption public key that I trust.  If you want to verify a message I signed, you can obtain a copy of my public signing key that you trust. February 10, 2011 Practical Aspects of Modern Cryptography 8

  9. Encrypting Messages  How do we want to encrypt messages?  We have public keys for recipients, so we could repeatedly apply PK-encryption to portions of the message  Recall that we can only RSA-encrypt messages M with |M| ≤ |n|  Plus, public key encryption is relatively slow, so we’d like to use it efficiently  Idea: use PK to convey a random symmetric “session” key to recipients February 10, 2011 Practical Aspects of Modern Cryptography 9

  10. Encrypting Messages  We use symmetric encryption with randomly-generated session keys to encrypt message bodies  Since symmetric encryption is fast and messages may be arbitrarily large  We use public-key encryption to encrypt the session keys to message recipients  We send both encrypted message and session key as a unit to recipients… February 10, 2011 Practical Aspects of Modern Cryptography 10

  11. Message Encryption Alice Sym. m Message February 10, 2011 Practical Aspects of Modern Cryptography 11

  12. Decrypting Messages  Message decryption is just the reverse from encryption  Recipients use their private encryption key to decrypt the session key for the message  Recipients then use the session key to symmetrically decrypt the message body. February 10, 2011 Practical Aspects of Modern Cryptography 12

  13. Message Decryption Sym. Bob m February 10, 2011 Practical Aspects of Modern Cryptography 13

  14. Signing Messages  How do we want to sign messages?  Each user has a signing key pair, but again we can only sign values that are at most the same size as our signing public key modulus  So we can’t sign the entire message directly, and repeated signing of parts of the message would open us up to attacks  Idea: Sign a hash of the message February 10, 2011 Practical Aspects of Modern Cryptography 14

  15. Signing Messages  To sign a message, we first choose a cryptographic hash function H() to use with our signature algorithm  Normally defined as part of a signing ciphersuite  We apply the hash function H to the exact sequence of bytes that forms our message (usually including header info)  We sign the hash value  We append the signed hash value to the message. February 10, 2011 Practical Aspects of Modern Cryptography 15

  16. Digital Signatures Provide Authentication and Integrity Alice m Hash Value Signed m Hash Message Hash Function February 10, 2011 Practical Aspects of Modern Cryptography 16

  17. Verifying Signatures  To verify a signed message, the recipient has to do three things:  Independently compute the hash value of the signed portion of the message  Verify that the signature on the message came from the sender (by applying the sender’s public signing key)  This yields the hash value signed by the sender  Compare the independently-computed hash value with the one the sender signed  If the hash values are equal, then the message has not been modified since it was signed. February 10, 2011 Practical Aspects of Modern Cryptography 17

  18. Verifying Signatures m Hash Value m Hash Function Bob Message Hash Value February 10, 2011 Practical Aspects of Modern Cryptography 18

  19. More Complex Signatures  A single signer acknowledging understanding or commitment to different concepts or agreements within one document.  Multiple signers signing unique content within the same document.  Multiple signers “co - signing” the same content within the same document.  Multiple signers, one signing content the other “counter - signing” the prior signature. February 10, 2011 Practical Aspects of Modern Cryptography 19

  20. Co-Signing  Alice and Bob want to sign the same message “in parallel” Co-Signed Alice Message Signed Hash 1 m m Hash To-be-signed Hash Value Message Function Bob Signed Hash 2 February 10, 2011 Practical Aspects of Modern Cryptography 20

  21. Counter-Signing  Alice and Bob want to sign the same message “in series” (Alice first, then Bob) Alice m Hash Alice Value m Hash Signed Message Function Hash Signed by Alice m Bob Hash Hash Value Bob Function Signed Counter-Signed Message Hash February 10, 2011 Practical Aspects of Modern Cryptography 21

  22. PKCS #7/CMS Structure CMS Signer Info 1 Signer Info 2 Version Signer Info 3 Digest Algorithm Content Signer Info Certificates Version CRLs Serial Number Signer Infos Digest Algorithm Authenticated Attributes Unauthenticated Attributes Countersignatures go here Digital Signature February 10, 2011 Practical Aspects of Modern Cryptography 22

  23. Limitations of the CMS format  The CMS standard only covers “wrapped” signatures  Signatures where the signed content is enclosed by the signature object  Signing assumes you start with a bytestream that is completely immutable  This is the safest assumption, but sometimes it’s overly conservative  Example: CR-LF rewriting and tab/whitespace conversions for text. February 10, 2011 Practical Aspects of Modern Cryptography 23

  24. Agenda  Guest lecture: Christian Rechberger, KU Leuven  Towards SHA-3  Message-based protocols  S/MIME  XMLDSIG & XMLENC  IPsec (depending on time)  Design Charrette Part II February 10, 2011 Practical Aspects of Modern Cryptography 24

  25. What is XML? <Address> <Street>1 Microsoft Way</Street> <City>Redmond</City> <State>WA</State> <ZipCode>98052</ZipCode> </Address> February 10, 2011 Practical Aspects of Modern Cryptography 25

  26. What is XML?  XML is a W3C standard for describing “markup languages”  XML == “eXtensible Markup Language”  Had its roots in SGML (of which HTML is an offshoot)  Now, though, XML has really become a standard means of representing data structures in text.  “XML provides a text -based means to describe and apply a tree- based structure to information.” -- Wikipedia February 10, 2011 Practical Aspects of Modern Cryptography 26

  27. Securing XML  As XML’s popularity grew, so did the need to secure XML objects (trees of XML elements)  How should we sign & encrypt XML?  One possibility: just treat an XML object as a byte sequence and use S/MIME  It’s just a sequence of characters, so we can Unicode encode that sequence, hash it, encrypt it and wrap it in S/MIME February 10, 2011 Practical Aspects of Modern Cryptography 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Brian LaMacchia Agenda Guest lecture: Tolga Acar, Distributed Key Management and

Brian LaMacchia Agenda Guest lecture: Tolga Acar, Distributed Key Management and

Winter 2011 Josh Benaloh Brian LaMacchia Agenda Guest lecture: Tolga Acar, Distributed Key Management and Cryptographic Agility Hardware crypto tokens Smart cards TPMs (v1.2 &amp; .Next) tokens for PCs

676 views • 43 slides
Brian LaMacchia Agenda Integrity Checking (HMAC redux) Protocols (Part 1 Session-based

Brian LaMacchia Agenda Integrity Checking (HMAC redux) Protocols (Part 1 Session-based

Winter 2011 Josh Benaloh Brian LaMacchia Agenda Integrity Checking (HMAC redux) Protocols (Part 1 Session-based protocols) Introduction Kerberos SSL/TLS Certificates and Public Key Infrastructure (PKI) Certificates

1.81k views • 135 slides
Supersingular Isogeny Key Encapsulation Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca

Supersingular Isogeny Key Encapsulation Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca

Supersingular Isogeny Key Encapsulation Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Joost Renes, Vladimir Soukharev November 14 ECC 2017 Nijmegen,

769 views • 75 slides
Todays agenda Brian Reed Water, Engineering and Development Centre Todays agenda

Todays agenda Brian Reed Water, Engineering and Development Centre Todays agenda

Todays agenda Brian Reed Water, Engineering and Development Centre Todays agenda Institutional policy and Evaluation strategy Initial Validation study Analysis Delivery Design Knowledge EKIMEEZA International WATER

871 views • 44 slides
2018 SMALL BEGINNINGS BIG VISION AGENDA Brian Joffe - CEO Welcome and introduction Peter

2018 SMALL BEGINNINGS BIG VISION AGENDA Brian Joffe - CEO Welcome and introduction Peter

LONG4LIFE LIMITED RESULTS PRESENTATION PERIOD ENDED 28 FEBRUARY 2018 SMALL BEGINNINGS BIG VISION AGENDA Brian Joffe - CEO Welcome and introduction Peter Riskowitz - CFO Results overview Brian Joffe - CEO Progress The future

590 views • 28 slides
PRESENTATION 2019 AGENDA Brian Joffe Group CEO Overview and year in review

PRESENTATION 2019 AGENDA Brian Joffe Group CEO Overview and year in review

Long4Life Limited ANNUAL RESULTS PRESENTATION 2019 AGENDA Brian Joffe Group CEO Overview and year in review Mireille Levenstein CFO Financial analysis Brian Joffe Group CEO Operational analysis - Sport and

629 views • 43 slides
Smoke in Urban Areas FEMTC 2016 Nov 16-18 2016 Brian Lee Brian.lee@snclavalin.com

Smoke in Urban Areas FEMTC 2016 Nov 16-18 2016 Brian Lee Brian.lee@snclavalin.com

Smoke Dispersion Modelling of Exhausted Tunnel Fire Smoke in Urban Areas FEMTC 2016 Nov 16-18 2016 Brian Lee Brian.lee@snclavalin.com Vancouver, Canada Tunnel Ventilation Engineer Agenda TVS Overview SDA Modelling

514 views • 27 slides
and Customization Brian Laird, Implementation Manager OmniUpdate Agenda Background: OU

and Customization Brian Laird, Implementation Manager OmniUpdate Agenda Background: OU

Page Template Creation and Customization Brian Laird, Implementation Manager OmniUpdate Agenda Background: OU Campus as a System What is a template? Page Tagging for Editable Regions New Page Forms Agenda

636 views • 50 slides
OUR FIRST SIX MONTHS A GOOD BEGINNING Presented by Brian Joffe, CEO AGENDA Introducing

OUR FIRST SIX MONTHS A GOOD BEGINNING Presented by Brian Joffe, CEO AGENDA Introducing

OUR FIRST SIX MONTHS A GOOD BEGINNING Presented by Brian Joffe, CEO AGENDA Introducing Long4Life JSE Listing Business philosophy Asset ownership criteria Preferred business sectors Progress so far on acquiring assets Sorbet, Holdsport

436 views • 17 slides
May 10, 2013 Samira Monshi Seungwon Noh Wilfredo Rodezno Brian Skelly Agenda Project

May 10, 2013 Samira Monshi Seungwon Noh Wilfredo Rodezno Brian Skelly Agenda Project

May 10, 2013 Samira Monshi Seungwon Noh Wilfredo Rodezno Brian Skelly Agenda Project Overview Background on Alternative Jet Fuel Problem Description and Scope Technical Approach Analysis and Results Conclusion,

751 views • 44 slides
IT SECURITY FOR LIBRARIES PART 1: SECURING YOUR LIBRARY BRIAN PICHMAN | EVOLVE PROJECT AGENDA

IT SECURITY FOR LIBRARIES PART 1: SECURING YOUR LIBRARY BRIAN PICHMAN | EVOLVE PROJECT AGENDA

IT SECURITY FOR LIBRARIES PART 1: SECURING YOUR LIBRARY BRIAN PICHMAN | EVOLVE PROJECT AGENDA A high level overview of what to implement in your library to make it secure. With the rise of data breaches, identity theft, malicious hacking,

1.03k views • 49 slides
AntiPhish Project Presentation Brian Witten December 2006 December 18 th 2006 Agenda Agenda 1.

AntiPhish Project Presentation Brian Witten December 2006 December 18 th 2006 Agenda Agenda 1.

AntiPhish Project Presentation Brian Witten December 2006 December 18 th 2006 Agenda Agenda 1. Work Package 2 Requirements and Specification 2. Work Package 1 Data Generation and Dissemination 3. Work Package 5 Message

582 views • 18 slides
mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat

mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat

mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat Agenda Who is Brian Stansberry? Principal Software Engineer at Red Hat Technical Lead for JBoss Application Server Clustering Part of

528 views • 18 slides
Gaston-Cleveland-Lincoln MPO CTP Meeting Brian Wert, P.E. December 10, 2014 Agenda Project

Gaston-Cleveland-Lincoln MPO CTP Meeting Brian Wert, P.E. December 10, 2014 Agenda Project

Gaston-Cleveland-Lincoln MPO CTP Meeting Brian Wert, P.E. December 10, 2014 Agenda Project progress to date STIP review Survey analysis Vision statement implications Alternatives analysis preparation Next steps

235 views • 21 slides
Support for a Children and Families Agenda January 24, 2016 Celinda Lake Brian Nienaber Lake

Support for a Children and Families Agenda January 24, 2016 Celinda Lake Brian Nienaber Lake

Support for a Children and Families Agenda January 24, 2016 Celinda Lake Brian Nienaber Lake Research Partners Washington, DC | Berkeley, CA | New York, NY LakeResearch.com 202.776.9066 Methodology Election Eve Omnibus Survey Lake

298 views • 27 slides
FY20 Half Year results 10 December 2019 26 weeks ended 27 October 2019 Agenda CEO update Brian

FY20 Half Year results 10 December 2019 26 weeks ended 27 October 2019 Agenda CEO update Brian

FY20 Half Year results 10 December 2019 26 weeks ended 27 October 2019 Agenda CEO update Brian Duffy, CEO FY20 H1 financial results and FY20 full year outlook Anders Romberg, CFO Operational review, summary and outlook Brian Duffy, CEO

1.15k views • 73 slides
Electronic Mail Overview Electronic mail History Format of email RFC 822, MIME,

Electronic Mail Overview Electronic mail History Format of email RFC 822, MIME,

Electronic Mail Overview Electronic mail History Format of email RFC 822, MIME, email addresses Sending email SMTP, DNS Retrieving email POP, IMAP, Web-based 2 Flashback to the 70s ARPANET just recently came

437 views • 40 slides
Local Health District A Virtual Health Service David Wright: Operational Manager Telehealth

Local Health District A Virtual Health Service David Wright: Operational Manager Telehealth

Western NSW Local Health District A Virtual Health Service David Wright: Operational Manager Telehealth Strategy Sharyn Cowie: Telehealth Manager Setting the background Setting the background Setting the background Respect &amp; Commitment

795 views • 36 slides
The European Face of Videoconferencing and other developments Egon Verharen SURFnet

The European Face of Videoconferencing and other developments Egon Verharen SURFnet

The European Face of Videoconferencing and other developments Egon Verharen SURFnet Egon.Verharen@surfnet.nl GDS: 0031302305367 Former TF-STREAM chair, Vidmid-vc, ViDe.Net, ViDe, Internet2 Commons International coordination Why

480 views • 34 slides
Multicast in the Mobile Environment and 3G LAURI MKINEN ARI KOPONEN Agenda Introduction

Multicast in the Mobile Environment and 3G LAURI MKINEN ARI KOPONEN Agenda Introduction

T-110.5120 Next Generation Wireless Networks Multicast in the Mobile Environment and 3G LAURI MKINEN ARI KOPONEN Agenda Introduction MBMS Multimedia Broadcast Multicast Service Background Architecture Provisioning

289 views • 24 slides
CS378 - Mobile Computing Intents Intents Allow us to use applications and components that

CS378 - Mobile Computing Intents Intents Allow us to use applications and components that

CS378 - Mobile Computing Intents Intents Allow us to use applications and components that are part of Android System and allow other applications to use the components of the applications we create Examples of Google applications:

473 views • 31 slides
Luca Bedogni Marco Di Felice Dipartimento di Scienze dellInformazione Universit di

Luca Bedogni Marco Di Felice Dipartimento di Scienze dellInformazione Universit di

Programming with Android: Activities and Intents Luca Bedogni Marco Di Felice Dipartimento di Scienze dellInformazione Universit di Bologna Outline What is an intent ? Intent-field description Handling Explicit Intents Handling

422 views • 30 slides
June 6, 2016 this week Public key cryptography Pieter van den Hombergh RSA and friends

June 6, 2016 this week Public key cryptography Pieter van den Hombergh RSA and friends

June 6, 2016 this week Public key cryptography Pieter van den Hombergh RSA and friends Crypto, PPK Public key cryptography Public and private Keys Information exchange Shared secret Authentication/signing Signing Pieter van den Hombergh

177 views • 7 slides
Chapter 5 Electronic Mail Security -Pretty Good Privacy (PGP) -S/MIME 1 Need for E-Mail

Chapter 5 Electronic Mail Security -Pretty Good Privacy (PGP) -S/MIME 1 Need for E-Mail

Chapter 5 Electronic Mail Security -Pretty Good Privacy (PGP) -S/MIME 1 Need for E-Mail Security E-mail is necessary for E-Commerce Daily communication E-Mail is also very public, allowing for access at each point from the

1.1k views • 23 slides

More recommend