secure communication secure communication
play

Secure Communication Secure Communication Lecture 14 Wrap-Up We - PowerPoint PPT Presentation

Oct 07, 2023 •341 likes •1.07k views

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key Components SKE, MAC Public-Key Components PKE, Digital Signatures Building blocks: Block-ciphers (AES), Hash-functions (SHA-3), Trapdoor PRG/OWP for PKE

  1. Secure Communication

  2. Secure Communication Lecture 14 
 Wrap-Up

  3. We saw... Symmetric-Key Components SKE, MAC Public-Key Components PKE, Digital Signatures Building blocks: Block-ciphers (AES), Hash-functions (SHA-3), Trapdoor PRG/OWP for PKE (e.g., DDH, RSA) and 
 Random Oracle heuristics (in RSA-OAEP, RSA-PSS) Symmetric-Key primitives much faster than Public-Key ones Hybrid Encryption gets best of both worlds

  4. Secure Communication in Practice

  5. Secure Communication in Practice Can do at application-level

  6. Secure Communication in Practice Can do at application-level e.g. between web-browser and web-server

  7. Secure Communication in Practice Can do at application-level e.g. between web-browser and web-server Or lower-level infrastructure to allow use by more applications

  8. Secure Communication in Practice Can do at application-level e.g. between web-browser and web-server Or lower-level infrastructure to allow use by more applications e.g. between OS kernels, or between network gateways

  9. Secure Communication in Practice Can do at application-level e.g. between web-browser and web-server Or lower-level infrastructure to allow use by more applications e.g. between OS kernels, or between network gateways Standards in either case

  10. Secure Communication in Practice Can do at application-level e.g. between web-browser and web-server Or lower-level infrastructure to allow use by more applications e.g. between OS kernels, or between network gateways Standards in either case To be interoperable

  11. Secure Communication in Practice Can do at application-level e.g. between web-browser and web-server Or lower-level infrastructure to allow use by more applications e.g. between OS kernels, or between network gateways Standards in either case To be interoperable To not insert bugs by doing crypto engineering oneself

  12. Secure Communication in Practice Can do at application-level e.g. between web-browser and web-server Or lower-level infrastructure to allow use by more applications e.g. between OS kernels, or between network gateways Standards in either case To be interoperable To not insert bugs by doing crypto engineering oneself e.g.: SSL/TLS (used in https), IPSec (in the “network layer”)

  13. Security Architectures (An example) Security architecture (client perspective) From the IBM WebSphere Developer Technical Journal

  14. Secure Communication Infrastructure

  15. Secure Communication Infrastructure Goal: a way for Alice and Bob to get a private and authenticated communication channel (can give a detailed SIM-definition)

  16. Secure Communication Infrastructure Goal: a way for Alice and Bob to get a private and authenticated communication channel (can give a detailed SIM-definition) Simplest idea: Use a (SIM-CCA secure) public-key encryption (possibly a hybrid encryption) to send signed (using an existentially unforgeable signature scheme) messages (with sequence numbers and channel id)

  17. Secure Communication Infrastructure Goal: a way for Alice and Bob to get a private and authenticated communication channel (can give a detailed SIM-definition) Simplest idea: Use a (SIM-CCA secure) public-key encryption (possibly a hybrid encryption) to send signed (using an existentially unforgeable signature scheme) messages (with sequence numbers and channel id) Limitation: Alice, Bob need to know each other’ s public-keys

  18. Secure Communication Infrastructure Goal: a way for Alice and Bob to get a private and authenticated communication channel (can give a detailed SIM-definition) Simplest idea: Use a (SIM-CCA secure) public-key encryption (possibly a hybrid encryption) to send signed (using an existentially unforgeable signature scheme) messages (with sequence numbers and channel id) Limitation: Alice, Bob need to know each other’ s public-keys But typically Alice and Bob engage in “transactions,” exchanging multiple messages, maintaining state throughout the transaction

  19. Secure Communication Infrastructure Goal: a way for Alice and Bob to get a private and authenticated communication channel (can give a detailed SIM-definition) Simplest idea: Use a (SIM-CCA secure) public-key encryption (possibly a hybrid encryption) to send signed (using an existentially unforgeable signature scheme) messages (with sequence numbers and channel id) Limitation: Alice, Bob need to know each other’ s public-keys But typically Alice and Bob engage in “transactions,” exchanging multiple messages, maintaining state throughout the transaction Makes several efficiency improvements possible

  20. Secure Communication Infrastructure

  21. Secure Communication Infrastructure Secure Communication Sessions

  22. Secure Communication Infrastructure Secure Communication Sessions Handshake phase: establish private shared keys

  23. Secure Communication Infrastructure Secure Communication Sessions (Authenticated) 
 Handshake phase: establish private shared keys Key-Exchange

  24. Secure Communication Infrastructure Secure Communication Sessions (Authenticated) 
 Handshake phase: establish private shared keys Key-Exchange Communication phase: use efficient shared-key schemes

  25. Secure Communication Infrastructure Secure Communication Sessions (Authenticated) 
 Handshake phase: establish private shared keys Key-Exchange Communication phase: use efficient shared-key schemes Server-to-server communication: Both parties have (certified) public-keys

  26. Secure Communication Infrastructure Secure Communication Sessions (Authenticated) 
 Handshake phase: establish private shared keys Key-Exchange Communication phase: use efficient shared-key schemes Server-to-server communication: Both parties have (certified) public-keys Client-server communication: server has (certified) public-keys

  27. Secure Communication Infrastructure Secure Communication Sessions (Authenticated) 
 Handshake phase: establish private shared keys Key-Exchange Communication phase: use efficient shared-key schemes Server-to-server communication: Both parties have (certified) public-keys Client-server communication: server has (certified) public-keys Client “knows” server. Server willing to talk to all clients

  28. Secure Communication Infrastructure Secure Communication Sessions (Authenticated) 
 Handshake phase: establish private shared keys Key-Exchange Communication phase: use efficient shared-key schemes Server-to-server communication: Both parties have (certified) public-keys Client-server communication: server has (certified) public-keys Client “knows” server. Server willing to talk to all clients Server may “know” (some) clients too, using passwords, pre-shared keys, or if they have (certified) public-keys. Often implemented in application-layer

  29. Secure Communication Infrastructure Secure Communication Sessions (Authenticated) 
 Handshake phase: establish private shared keys Key-Exchange Communication phase: use efficient shared-key schemes Server-to-server communication: Both parties have (certified) public-keys Client-server communication: server has (certified) public-keys Client “knows” server. Server willing to talk to all clients Client-Client communication (e.g., email) 
 Server may “know” (some) clients Clients share public-keys in ad hoc 
 too, using passwords, pre-shared keys, or if they have (certified) ways public-keys. Often implemented in application-layer

  30. Certificate Authorities How does a client know a server’ s public-key? Based on what is received during a first session? (e.g., first ssh connection to a server) Better idea: Chain of trust Client knows a certifying authority’ s public key (for signature) Bundled with the software/hardware Certifying Authority signs the signature PK of the server CA is assumed to have verified that the PK was generated by the “correct” server before signing Validation standards: Domain/Extended validation

  31. Forward Secrecy

  32. Forward Secrecy Servers have long term public keys that are certified

  33. Forward Secrecy Servers have long term public keys that are certified Would be enough to have long term signature keys, but in practice long term encryption keys too

  34. Forward Secrecy Servers have long term public keys that are certified Would be enough to have long term signature keys, but in practice long term encryption keys too Problem: if the long term key is leaked, old communications are also revealed

  35. Forward Secrecy Servers have long term public keys that are certified Would be enough to have long term signature keys, but in practice long term encryption keys too Problem: if the long term key is leaked, old communications are also revealed Adversary may have already stored, or even actively participated in old sessions

  36. Forward Secrecy Servers have long term public keys that are certified Would be enough to have long term signature keys, but in practice long term encryption keys too Problem: if the long term key is leaked, old communications are also revealed Adversary may have already stored, or even actively participated in old sessions Solution: Use fresh public-keys/do a fresh key-exchange for each session (authenticated using signatures)

  37. A Simple Secure Communication Scheme

  38. A Simple Secure Communication Scheme Handshake

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message Transmission Schemes Yvo Desmedt 1 , 2 Stelios Erotokritou 1 Reihaneh Safavi-Naini 3 1 Department of Computer Science University College London, UK 2

459 views • 33 slides
Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in the Quantum Era (SPS G5448) February 5th, 2020 Christian Colombo Mark Vella Cryptographic Protocols Design Proofs to validate design against

467 views • 20 slides
Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical

Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical

Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical Engineer/Embedded developer Teaching for a while Overview Signal is one example of a third-party app for secure texting. Well go over what it does

819 views • 32 slides
TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication

TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication

TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication Confidentiality by applying block & stream ciphers - Integrity with MACs - Authenticity with certificates - Predecessor: SSL (secure

557 views • 13 slides
Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.) Samuel Ranellucci (Unbound Tech) Xiao Wang (MIT & Boston U.) Secure Computation 4 parties each hold private data. They wish to compute C(x 1

414 views • 24 slides
Secure Vehicular Communication System: Design & Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design & Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design & Implementation of VPKI (Providing Credential Management in a Secure VANET) Supervisor: MSc Thesis: Prof. Panos Papadimitratos Mohammad Khodaei LCN KTH October, 2012 1 / 38 Outline

519 views • 48 slides
Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation Computation How to Run Sublinear Algorithms in a Distributed Algorithms in a Distributed Setting Elette Boyle Shafi Goldwasser Stefano Tessaro

1.01k views • 36 slides
SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

U U U U U U U- U - - communication - - - - - communication communication communication communication communication communication communication Korea Mobile Market Trend for Convergence & Ubiquitous Communication 2004.

400 views • 16 slides
Joseph Jaeger Igors Stepanovs Alice and Bob want E2E secure communication But what about E2E

Joseph Jaeger Igors Stepanovs Alice and Bob want E2E secure communication But what about E2E

Optimal Channel Security Against Fine-Grained State Compromise: The Safety of Messaging Joseph Jaeger Igors Stepanovs Alice and Bob want E2E secure communication But what about E2E Tools? Plenty of Theory Symmetric encryption Asymmetric

475 views • 18 slides
A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison

A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison

A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison Presented By: Anil Bazaz CS6204, Spring 2005 Intro: Group Communication Uses IP multicast to transmit data Does not limit access to data No

543 views • 19 slides
Distributed Systems Secure Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Secure Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Secure Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Symmetric cryptography Both parties

860 views • 60 slides
Secure Communication by Ratcheting F Bet ul Durak and Serge Vaudenay COLE POLYTECHNIQUE

Secure Communication by Ratcheting F Bet ul Durak and Serge Vaudenay COLE POLYTECHNIQUE

Secure Communication by Ratcheting F Bet ul Durak and Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE LAUSANNE SV 2018 ratchet ASK 2018 1 / 43 Secure Communication 1 Ratcheting 2 Our Results 3 SV 2018 ratchet ASK 2018 2 / 43

926 views • 43 slides
Multi Party secure communication C D A B E F N parties want to communicate securely with

Multi Party secure communication C D A B E F N parties want to communicate securely with

1 Key Establishment Chester Rebeiro IIT Madras 2 Multi Party secure communication C D A B E F N parties want to communicate securely with each other (N=6 in this figure) If U sends a message to V (U V and U,V {a,b,c,d,e,f})

721 views • 55 slides
All wireless communication stacks are equally broken Jiska Classen Secure Mobile Networking Lab

All wireless communication stacks are equally broken Jiska Classen Secure Mobile Networking Lab

All wireless communication stacks are equally broken Jiska Classen Secure Mobile Networking Lab - SEEMOO Technische Universitt Darmstadt, Germany A foundation talk??? Wireless communication is fun damentally broken focus: everything in

687 views • 42 slides
You thought your communication was secure? Quantum computers are coming! Daniel J. Bernstein 1 , 2

You thought your communication was secure? Quantum computers are coming! Daniel J. Bernstein 1 , 2

You thought your communication was secure? Quantum computers are coming! Daniel J. Bernstein 1 , 2 Tanja Lange 1 1 Technische Universiteit Eindhoven 2 University of Illinois at Chicago 16 April 2016 1 / 33 Cryptography Motivation

1.01k views • 57 slides
Secure Group Communication Related Issues Presenter: Haiyan Cheng CS 6204, Spring 2005 1

Secure Group Communication Related Issues Presenter: Haiyan Cheng CS 6204, Spring 2005 1

Secure Group Communication Related Issues Presenter: Haiyan Cheng CS 6204, Spring 2005 1 Outlines Addresses relevant security issues for IP multicast network Investigates steps to create secure multicast sessions Group membership

444 views • 19 slides
Wireless Sensor Networks 4. Medium Access Christian Schindelhauer Technische Fakultt

Wireless Sensor Networks 4. Medium Access Christian Schindelhauer Technische Fakultt

Wireless Sensor Networks 4. Medium Access Christian Schindelhauer Technische Fakultt Rechnernetze und Telematik Albert-Ludwigs-Universitt Freiburg Version 29.04.2016 1 ISO/OSI Reference model 7. Application - Data transmission,

749 views • 41 slides
Asynchronous Arbitration Primitives for New Generation of Circuits and Systems Andrey Mokhov,

Asynchronous Arbitration Primitives for New Generation of Circuits and Systems Andrey Mokhov,

Asynchronous Arbitration Primitives for New Generation of Circuits and Systems Andrey Mokhov, Danil Sokolov, Victor Khomenko, Alex Yakovlev Newcastle University, UK Motivating example: toy buck converter under-voltage V_ref V_pmos gp_ack

271 views • 24 slides
Network Endpoint Data 1 TLS 1.3 : Solving new challenges for next-generation firewalls (NGFW)

Network Endpoint Data 1 TLS 1.3 : Solving new challenges for next-generation firewalls (NGFW)

Network Endpoint Data 1 TLS 1.3 : Solving new challenges for next-generation firewalls (NGFW) Pass The Salt 2019 2 Who are we ? Nicolas Pamart Damien Deville Thomas Malherbe Apprentice Developer T echnical Leader Developer Does

833 views • 52 slides
TLS 1.2 Cdric Fournet , Markulf Kohlweiss Microsoft Research Karthik Bhargavan, Alfredo

TLS 1.2 Cdric Fournet , Markulf Kohlweiss Microsoft Research Karthik Bhargavan, Alfredo

Modular Code-Based F7 Cryptographic Verification for TLS 1.2 Cdric Fournet , Markulf Kohlweiss Microsoft Research Karthik Bhargavan, Alfredo Pironti, Pierre-Yves Strub MSR-INRIA Joint Centre Transport Layer Security (1994 ) The most

690 views • 32 slides
Kerberos4(NSchapter13)

Kerberos4(NSchapter13)

Kerberos4(NSchapter13) RealmhasKDCandprincipals(users)

455 views • 11 slides
1 Description Mur Modeling Prior to 4-way handshake, we assume:

1 Description Mur Modeling Prior to 4-way handshake, we assume:

Scenario: 802.11 Analysis of 4-way handshake protocol in IEEE 802.11i Wired Network Changhua He Stanford University Security ! Mar. 04, 2004 An example of a 802.11 wireless local area network History of Security Concerns Terms

285 views • 3 slides
Web Security [SSL/TLS and Browser Security Model] Fall 2017 Franziska (Franzi) Roesner

Web Security [SSL/TLS and Browser Security Model] Fall 2017 Franziska (Franzi) Roesner

CSE 484 / CSE M 584: Computer Security and Privacy Web Security [SSL/TLS and Browser Security Model] Fall 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner,

570 views • 43 slides
Composition of Password-based Protocols ephanie Delaune 1 , Steve Kremer 1 and Mark Ryan 2 St 1

Composition of Password-based Protocols ephanie Delaune 1 , Steve Kremer 1 and Mark Ryan 2 St 1

Composition of Password-based Protocols ephanie Delaune 1 , Steve Kremer 1 and Mark Ryan 2 St 1 LSV, ENS de Cachan, CNRS & INRIA, France 2 School of Computer Science, University of Birmingham, UK CSF08, Pittsburgh June 2008

403 views • 27 slides

More recommend