SlideShare ist ein Scribd-Unternehmen logo

BAIT1103 Chapter 3

L
limsh
BildungTechnologie
1 von 45
Chapter 3 Authentication Applications Key Distribution & User Authentication
Objectives • Understand the issues involved in the use of symmetric encryption to distribute symmetric keys. • Give a presentation on Kerberos. • Explain the differences between versions 4 and 5 of Kerberos. • List and explain the elements in an X.509 certificate.
No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman he would fear that some devil might take advantage of his weak state to slip into his body. —The Golden Bough, Sir James George Frazer
Symmetric Key Distribution using symmetric encryption • For symmetric encryption to work, the two parties to an exchange must share the same key, and that key must be protected from access by others • Frequent key changes are usually desirable to limit the amount of data compromised if an attacker learns the key • Key distribution technique • The means of delivering a key to two parties that wish to exchange data, without allowing others to see the key
Key Distribution • For two parties A and B, there are the following options: 1 2 3 4 • A key can be selected by A and physically delivered to B • A third party can select the key and physically deliver it to A and B • If A and B have previously and recently used a key, one party could transmit the new key to the other, using the old key to encrypt the new key • If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B
Key Distribution • Options 1 and 2 call for manual delivery of a key • For link encryption, this is a reasonable requirement, because each link encryption device is only going to be exchanging data with its partner on the other end of the link • For end-to-end encryption, manual delivery is awkward – in a distributed system, any given host may need to engage in exchanges with many other hosts over time, thus, each device needs a number of keys supplied dynamically. • Option 3 is a possibility for either link encryption or end-toend encryption, but if an attacker ever succeeds in gaining access to one key, then all subsequent keys are revealed. • Even if frequent changes are made to the link encryption keys, these should be done manually • To provide keys for end-to-end encryption, Option 4 is preferable.
Key Distribution • For Option 4, two kinds of keys are used: 1. Session key: • When two end systems (hosts, terminals, etc.) wish to communicate, they establish a logical connection (e.g. virtual circuit). • For the duration of that logical connection, called a session, all user data are encrypted with a one-time session key. • At the conclusion of the session the session key is destroyed. 2. Permanent key: • A permanent key is a key used between entities for the purpose of distributing session keys. • A necessary element of option 4 is a key distribution center (KDC)
Key Distribution • KDC determines which systems are allowed to communicate with each other. • When permissions is granted for two systems to establish a connection, the key distribution center provides a one-time session key for that connection. • The automated key distribution approach provides the flexibility and dynamic characteristics needed to allow a number of users to access a number of servers and for the servers to exchange data with each other. • The most widely used application that implements this approach is Kerberos.
The Operation of KDC 1. 2. 3. When host A wishes to set up a connection to host B, it transmits a connection-request packet to the KDC. The communication between A and KDC is encrypted using a master key shared only by A and KDC. If KDC approves the connection request, it generates a unique one-time session key. It encrypts the session key using the permanent key it shares with A and delivers the encrypted session key to A. Similarly, it encrypts the session key using the permanent key it shares with B and delivers the encrypted session key to B. A and B can now set up a logical connection and exchange messages and data, all encrypted using the temporary session key. Session key MKA, PKA 3 Host A 1 MKB, PKB Host B messages PKA Session key Connectionrequest 2 MKA KDC MKA, PKA MKB, PKB MK = master key PK = permanent key Session key 2 PKB
Kerberos • Key distribution and user authentication service developed at MIT • Provides a centralized authentication server whose function is to authenticate users to servers and servers to users • Relies exclusively on symmetric encryption, making no use of public-key encryption Two versions are in use • Version 4 implementations still exist, although this version is being phased out • Version 5 corrects some of the security deficiencies of version 4 and has been issued as a proposed Internet Standard (RFC 4120)
Problem Kerberos addresses • Assume an open distributed environment in which users at workstations wish to access services on servers distributed throughout the network. • Servers are able to restrict access to authorized users and are able to authenticate requests for service. • A workstation cannot be trusted to identify its users correctly to network services. • The following three threats exist: • A user may gain access to a particular workstation and pretend to be another user operating from that workstation • A user may alter the network address of a workstation so that the requests sent from the altered workstation appear to come from the impersonated workstation. • A user may eavesdrop on exchanges and use a replay attack to gain entrance to a server or to disrupt operations.
Kerberos requirements The first published report on Kerberos [STEI88] listed the following requirements: • Secure: A network eavesdropper should not be able to obtain the necessary information to impersonate a user. More generally, Kerberos should be strong enough that a potential opponent does not find it to be the weak link. • Reliable: For all services that rely on Kerberos for access control, lack of availability of the Kerberos service means lack of availability of the supported services. Hence, Kerberos should be highly reliable and should employ a distributed server architecture, with one system able to back up another. • Transparent: Ideally, the user should not be aware that authentication is taking place, beyond the requirement to enter a password. • Scalable: The system should be capable of supporting large numbers of clients and servers. This suggests a modular, distributed architecture.
Kerberos version 4 • A basic third-party authentication scheme • Authentication Server (AS) • Users initially negotiate with AS to identify self • AS provides a non-corruptible authentication credential (ticket granting ticket TGT) • Ticket Granting Server (TGS) • Users subsequently request access to other services from TGS on basis of users TGT • Complex protocol using DES
A simple authentication dialogue Terms: C = Client AS = authentication server V = server IDc = identifier of user on C IDv = identifier of V Pc = password of user on C ADc = network address of C Kv = secret encryption key shared by AS and V TS = timestamp || = concatenation • A simple authentication step flows: Client’s (ID + Password) + Server’s ID (1) : C  AS : (2): IDc || Pc || IDv AS  C : Ticket Encrypted by secret encryption key shared by AS and V [ Client’s (ID + Password) + Server’s ID ] Ticket = E(Kv[IDc || ADc || IDv] (3): CV : IDc || Ticket
A simple authentication dialogue • Each of the ingredients of message (3) is significant. • The ticket is encrypted to prevent alteration or forgery • The server’s ID (IDv) is included in the ticket so that the server can verify that it has decrypted the ticket properly. • IDc is included in the ticket to indicate that this ticket has been issued on behalf of C. • ADc serves to counter threat of an opponent captures the ticket transmitted in message (2), then use the name IDc and transmit a message of form (3) from another workstation. • To prevent this attack, AS includes in the ticket the network address from which the original request came. • The ticket is valid only if it is transmitted from the same workstation that initially requested the ticket.
A more secure authentication dialogue • Problems: 1. Minimize then number of times that a user has to enter a password. • 2. Suppose each ticket can be used only once Plaintext transmission of the password in message (1). • An eavesdropper could capture the password and use any service accessible to the victim • To solve these additional problems, a scheme for avoiding plaintext passwords and a new server is introduced as the ticket-granting server (TGS). • TGS issues tickets to users who have been authenticated to AS.
A More secure authentication dialogue 1. The client (C) requests a ticket-granting ticket on behalf of the user by sending its user’s ID to AS with TGS ID. 2. AS responds with ticket (encrypted with key derived from user’s password [Kc]. When this response arrives at C, user is prompted for password, generates the key, and attempts to decrypt incoming message. 3. C requests a service-granting ticket on behalf of user. C transmits a message to TGS containing user’s ID, the ID of desired service (IDv) and ticket-granting ticket. 4. TGS decrypts incoming ticket using a key shared only by AS and TGS (Ktgs) and verifies success of decryption by its ID, checks expiry of lifetime, and compares user ID and network address. If user is permitted access to server V, TGS issues a ticket. 5. C requests access to a service on behalf of user. C transmits message to server containing user’s ID and service-granting ticket. Server authenticates by using the contents of the ticket. Once per user logon session: (1) C  AS : IDc || IDtgs (2) AS  C : E(Kc, Tickettgs) Once per type of service: (3) C  TGS: IDc || IDv || Tickettgs (4) TGS  C: Ticketv Once per service session: (5) C  V: IDc || Ticketv *Tickettgs = E(Ktgs,[IDc || ADc || IDtgs || TS1 || Lifetime1 ]) *Ticketv = E(Kv,[IDc || ADc || IDv || TS2 || Lifetime2 ])
Version 4 authentication dialogue • Problems: • Lifetime associated with the ticket-granting ticket 1. 2. If lifetime is too short (e.g. minutes), then the user will be repeatedly asked for password. If lifetime is too long (e.g. hours), then an opponent has greater opportunity to replay. • An opponent could eavesdrop and capture a copy of the ticket-granting ticket and then wait for the legitimate user to log out. Then the opponent could forge the legitimate user’s network address and send the message (3) to TGS. • An opponent captures a service-granting ticket and uses it before it expires. • Solutions: • A network service (TGS or application service) must be able to prove that the person using a ticket is the same person to whom the ticket was issued. • For servers to authenticate themselves to users to prevent sabotage of false server in a position to act as a real server, capture any information from the user and deny the true service to user.
Table 4.1 Summary of Kerberos Version 4 Message Exchanges
• AS provides C and TGS with a secret piece of information in a secure manner. C can prove its identity to TGS by revealing the secret information, again in a secure manner. An efficient way of accomplishing this is to use an encryption key as the secure information – a session key in Kerberos. • C sends message to AS requesting access to TGS. • AS responds with message encrypted with a key derived from user’s password (Kc), that contains the ticket. • The encrypted message also contains a copy of the session key, Kc,tgs (for both C and TGS). • Because this session key is inside message encrypted with Kc only C can read it. Same session key is included in the ticket, which can be read only by TGS. • Thus, the session key has been securely delivered to both C and TGS.
• C sends TGS a message includes the ticket plus the ID of the requested service. In addition, C transmits an authenticator, which includes ID and address of C’s user and a timestamp. • Unlike the ticket which is reusable, the authenticator is intended for use only once and has a very short lifetime. • TGS decrypt the ticket with the key shared with AS. This ticket indicates C has been provided session key Kc,tgs. TGS uses the session key to decrypt the authenticator. TGS checks name and address from authenticator with that of the ticket and with the network address of incoming message. • TGS replies with message encrypted with session key shared by TGS and C and includes session key to be shared between C and server V, the ID of V, and the timestamp. The ticket itself includes the same session key.
• C now has a reusable service-granting ticket for V. When C presents the ticket, it also sends an authenticator. V can decrypt the ticket, recover the session key, and decrypt the authenticator. • If mutual authentication is required, the server can reply to C the value of timestamp from the authenticator, incremented by 1, and encrypted in the session key. C can decrypt this message to recover the incremented timestamp. • Because the message was encrypted by the session key, C is assured that it could have been created only by V. The contents of the message assure C that this is not a replay of an old replay.
Kerberos Realms • Kerberos realm • A set of managed nodes that share the same Kerberos database • The Kerberos database resides on the Kerberos master computer system, which should be kept in a physically secure room • A read-only copy of the Kerberos database might also reside on other Kerberos computer systems • All changes to the database must be made on the master computer system • Changing or accessing the contents of a Kerberos database requires the Kerberos master password A Kerberos environment consists of: A Kerberos server • Have user ID and hashed passwords of all participating users • Have shared secret key with each server A number of clients A number of application servers
Kerberos principal • A service or user that is known to the Kerberos system • Each Kerberos principal is identified by its principal name A service or user name An instance name A realm name Principal names consist of three parts Principal name
Differences between versions 4 and 5 Environmental shortcomings • Encryption system dependence • Internet protocol dependence • Message byte ordering • Ticket lifetime • Authentication forwarding • Interrealm authentication Technical deficiencies • Double encryption • PCBC encryption • Session keys • Password attacks
Environmental Shortcomings Version 4 Version 5 Encryption system dependence DES Ciphertext tagged with an encryption-type identifier so any encryption technique may be used Internet protocol dependence Internet Protocol (IP) addresses Network addresses are tagged with type & length, allowing any network address type Message byte ordering Byte ordering of its own choosing Abstract Syntax Notation One (ASN.1) & Basic Encoding Rules (BER) provide unambiguous byte ordering Ticket lifetime 8-bit quantity in units of five minutes Explicit start time & end time, allowing arbitrary lifetimes Authentication forwarding Does not allow credentials issued to one client to be forwarded to some other host and used by other client Provides this capability E.g. client issues a request to a print server then accesses the client’s file from a file server, using the client’s credentials for access Interrealm authentication Interoperability among N Supports method that requires fewer 2 relationships realms requires the order of N Kerberos-to-Kerberos relationships
Technical Deficiencies Version 4 Version 5 Double encryption Tickets provided to clients are encrypted twice – once with the secret key of target server and then again with a secret key known to the client Second encryption is not necessary and is computationally wasteful PCBC encryption Nonstandard mode of DES – propagating cipher block chaining (PCBC) – vulnerable to attack Integrity mechanisms, allowing standard CBC mode for encryption – checksum or hash code is attached to message prior to encryption using CBC Session keys Same ticket may be used repeatedly to gain service from server, risk of replay messages from old session to client or server Possible for client and server to negotiate a subsession key which to be used for that one connection – new access requires new subsession key Password attacks Vulnerable to password attack Provide mechanism known as preauthentication – make password attacks more difficult but does not prevent them
Version 5 authentication dialogue
• C requests for ticket-granting ticket in message (1). As before, it includes the ID of user and TGS with following new elements added: • Realm: indicates realm of user • Options: used to request that certain flags be set in the returned ticket • Times: used by C to request following time settings in the ticket: • • Till: the requested expiration time for the requested ticket • • From: the desired start time for the requested ticket rtime: requested renew-till time Nonce: A random value to be repeated in message (2) to assure that the response is fresh and has not been replayed • AS returns a ticket-granting ticket, identifying information for client, and a block encrypted using encryption key based on user’s password. This block includes session key for C and TGS, times specified and nonce in (1), and TGS identifying information. • The ticket includes session key, identifying information for C, requested time values, and flags that reflect status of the ticket and the requested options.
V4 V5 • Message (3) for both versions includes authenticator, a ticket and the name of the requested service. In addition, version 5 includes requested times and options for the ticket and a nonce • Message (4) returns a ticket plus information needed by C, with information encrypted using the session key now shared by C and TGS
V4 V5 • In message (5), C may request as an option that mutual authentication is required. The authenticator includes new fields: • Subkey: C’s choice for an encryption key to be used to protect this specific application session. If this field is omitted, the session key from ticket (Kc,v) is used, • Sequence number: optional field that specified the starting sequence number to be used by the server for messages sent to the client during this session. Messages may be sequence numbered to detect replays. • If mutual authentication is required, server V responds with message (6) includes timestamp from authenticator without increment of one because it is not possible to create message (6) without appropriate encryption keys. • The subkey field, if present, overrides the subkey field in message (5). The optional sequence number field specifies the starting sequence number to be used by C.
X.509 Certificates • ITU-T recommendation X.509 is part of the X.500 series of recommendations that define a directory service • The directory is, in effect, a server or distributed set of servers that maintains a database of information about users. • The information includes a mapping from user name to network address, other attributes and information about users. • Defines a framework for the provision of authentication services by the X.500 directory to its users • The directory may serve as a repository of public-key certificates • Defines alternative authentication protocols based on the use of public-key certificates • Was initially issued in 1988 • Based on the use of public-key cryptography and digital signatures • The standard does not dictate the use of a specific algorithm but recommends RSA. The digital signature scheme is assumed to require the use of hash function.
• • • • • • • • • • • Version: Differentiates among successive versions of certificate format (default version 1) Serial number: An integer value, unique within the issuing CA Signature algorithm identifier: algorithm used to sign certificate Issuer name: X.500 name of CA Period of validity: 1st and last dates which certificate is valid Subject name: name of the user to whom this certificate refers Subject’s public-key info: public key, identifier of algorithm, associated parameters Issuer unique identifier: optional bit string field to identify CA Subject unique identifier: optional bit string field to identify subject Extensions: a set of one or more extension fields Signature: contains hash code of the other fields encrypted with CA’s private key
• The CA signs the certificate with its private key. • If the corresponding public key is known to a user, then that user can verify that a certificate signed by the CA is valid. • This is the typical digital signature approach
Obtaining a user’s certificate • User certificates generated by a CA have the following characteristics: • Any user with access to the public key of the CA can verify the user public key that was certified • No party other than the certification authority can modify the certificate without this being detected • Because certificates are unforgeable, they can be placed in a directory without the need for the directory to make special efforts to protect them
The connected circles indicate the hierarchical relationship among the CAs; the associated boxes indicate certificates maintained in the directory for each CA entry. The directory entry for each CA includes two types of certificates: • Forward certificates: Certificates of X generated by other CAs • Reverse certificates: Certificates generated by X that are the certificates of • other CAs
Revocation of certificates • Each certificate includes a period of validity • Typically a new certificate is issued just before the expiration of the old one • It may be desirable on occasion to revoke a certificate before it expires for one of the following reasons: • The user’s private key is assumed to be compromised • The user is no longer certified by this CA; reasons for this include subject’s name has changed, the certificate is superseded, or the certificate was not issued in conformance with the CA’s policies • The CA’s certificate is assumed to be compromised
X.509 Version 3 The X.509 version 2 format does not convey all of the information that recent design and implementation experience has shown to be needed. [FORD95] lists the following requirements not satisfied by version 2: 1. The Subject field is inadequate to convey the identity of a-key owner to a public-key user. X.509 names may be relatively short and lacking in obvious identification details that may be needed by the user. 2. The Subject field is also inadequate for many applications, which typically recognize entities by an Internet e-mail address, a URL, or some other Internet related identification. 3. There is a need to indicate security policy information. This enables a security application or function, such as IPSec, to relate an X.509 certificate to a given policy. 4. There is a need to limit the damage that can result from a faulty or malicious CA by setting constraints on the applicability of a particular certificate. 5. It is important to be able to identify different keys used by the same owner at different times. This feature supports key life cycle management, in particular the ability to update key pairs for users and CAs on a regular basis or under exceptional circumstances.
X.509 Version 3 Includes a number of optional extensions that may be added to the version 2 format Each extension consists of: • An extension identifier • A criticality indicator • An extension value The certificate extensions fall into three main categories: • Key and policy information • Subject and issuer attributes • Certification path constraints
Key and policy information • These extensions convey additional information about the subject and issuer keys, plus indicators of certificate policy • A certificate policy is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements Includes: • • • • • • Authority key identifier Subject key identifier Key usage Private-key usage period Certificate policies Policy mappings
Certificate subject and issuer attributes • These extensions support alternative names, in alternative formats, for a certificate subject or certificate issuer and can convey additional information about the certificate subject to increase a certificate user’s confidence that the certificate subject is a particular person or entity Includes: • Subject alternative name • Issuer alternative name • Subject directory attributes
Certification path constraints • These extensions allow constraint specifications to be included in certificates issued for CAs by other CAs • The constraints may restrict the types of certificates that can be issued by the subject CA or that may occur subsequently in a certification chain Includes: • Basic constraints • Name constraints • Policy constraints
Summary • Symmetric key distribution using symmetric encryption • Key distribution center (KDC) • Kerberos • • Version 4 • A simple authentication dialogue • A more secure authentication dialogue • Version 4 Authentication dialogue • Kerberos realms Version 5 • Differences between version 4 and 5 • Version 5 Authentication dialogue • X.509 certificates • Certificates • Obtaining a user’s certificate • Revocation of certificates • X.509 Version 3

Empfohlen

BAIT1103 Chapter 2
BAIT1103 Chapter 2BAIT1103 Chapter 2
BAIT1103 Chapter 2limsh
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - SecurityWayne Jones Jnr
 
Cryptography
CryptographyCryptography
CryptographyAbhi Prithi
 
Network security
Network securityNetwork security
Network securityABHISHEK KUMAR
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
CNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionCNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionGyanmanjari Institute Of Technology
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 

Empfohlen

BAIT1103 Chapter 2
BAIT1103 Chapter 2BAIT1103 Chapter 2
BAIT1103 Chapter 2limsh
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - SecurityWayne Jones Jnr
 
Cryptography
CryptographyCryptography
CryptographyAbhi Prithi
 
Network security
Network securityNetwork security
Network securityABHISHEK KUMAR
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
CNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionCNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionGyanmanjari Institute Of Technology
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemMerlin Florrence
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functionsDr.Florence Dayana
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmacanuragjagetiya
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce STS
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution MethodsGulcin Yildirim Jelinek
 
Information and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesInformation and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesVaibhav Khanna
 
MAJOR PROJECT FORMAT--2013(new 1)
MAJOR PROJECT FORMAT--2013(new 1)MAJOR PROJECT FORMAT--2013(new 1)
MAJOR PROJECT FORMAT--2013(new 1)Neelabja Manna
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standardVaibhav Khanna
 
CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem Gyanmanjari Institute Of Technology
 
network security
network securitynetwork security
network securityBishalWosti1
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 
Cryptography
CryptographyCryptography
CryptographyJohnsonDaniel JohnsonDaniel
 
Unit 1
Unit 1Unit 1
Unit 1Trupti Kodinariya
 
Symmetric encryption and message confidentiality
Symmetric encryption and message confidentialitySymmetric encryption and message confidentiality
Symmetric encryption and message confidentialityCAS
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 IntroducationTushar Rajput
 
Message authentication code_course_bouchra_echandouri
Message authentication code_course_bouchra_echandouriMessage authentication code_course_bouchra_echandouri
Message authentication code_course_bouchra_echandouriBouchra Echandouri
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication CodeKeval Bhogayata
 
Message Authentication
Message AuthenticationMessage Authentication
Message AuthenticationRam Dutt Shukla
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA AlgoritmnDr. Kapil Gupta
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
BAIT1103 Assignment Presentation
BAIT1103 Assignment PresentationBAIT1103 Assignment Presentation
BAIT1103 Assignment Presentationlimsh
 

Weitere ähnliche Inhalte

Was ist angesagt?

Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemMerlin Florrence
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functionsDr.Florence Dayana
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmacanuragjagetiya
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce STS
 
Information and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesInformation and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesVaibhav Khanna
 
MAJOR PROJECT FORMAT--2013(new 1)
MAJOR PROJECT FORMAT--2013(new 1)MAJOR PROJECT FORMAT--2013(new 1)
MAJOR PROJECT FORMAT--2013(new 1)Neelabja Manna
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standardVaibhav Khanna
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 
Symmetric encryption and message confidentiality
Symmetric encryption and message confidentialitySymmetric encryption and message confidentiality
Symmetric encryption and message confidentialityCAS
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 IntroducationTushar Rajput
 
Message authentication code_course_bouchra_echandouri
Message authentication code_course_bouchra_echandouriMessage authentication code_course_bouchra_echandouri
Message authentication code_course_bouchra_echandouriBouchra Echandouri
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication CodeKeval Bhogayata
 

Was ist angesagt? (20)

Key Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating systemKey Distribution Problem in advanced operating system
Key Distribution Problem in advanced operating system
 
Public Key Encryption & Hash functions
Public Key Encryption & Hash functionsPublic Key Encryption & Hash functions
Public Key Encryption & Hash functions
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmac
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
 
Information and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesInformation and network security 44 direct digital signatures
Information and network security 44 direct digital signatures
 
MAJOR PROJECT FORMAT--2013(new 1)
MAJOR PROJECT FORMAT--2013(new 1)MAJOR PROJECT FORMAT--2013(new 1)
MAJOR PROJECT FORMAT--2013(new 1)
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standard
 
CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem CNS - Unit - 4 - Public Key Cryptosystem
CNS - Unit - 4 - Public Key Cryptosystem
 
network security
network securitynetwork security
network security
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic Attack
 
Cryptography
CryptographyCryptography
Cryptography
 
Unit 1
Unit 1Unit 1
Unit 1
 
Symmetric encryption and message confidentiality
Symmetric encryption and message confidentialitySymmetric encryption and message confidentiality
Symmetric encryption and message confidentiality
 
Unit 1 Introducation
Unit 1 IntroducationUnit 1 Introducation
Unit 1 Introducation
 
Message authentication code_course_bouchra_echandouri
Message authentication code_course_bouchra_echandouriMessage authentication code_course_bouchra_echandouri
Message authentication code_course_bouchra_echandouri
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication Code
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authentication
 
RSA Algoritmn
RSA AlgoritmnRSA Algoritmn
RSA Algoritmn
 

Andere mochten auch

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
BAIT1103 Assignment Presentation
BAIT1103 Assignment PresentationBAIT1103 Assignment Presentation
BAIT1103 Assignment Presentationlimsh
 
BAIT1103 Tutorial 7
BAIT1103 Tutorial 7BAIT1103 Tutorial 7
BAIT1103 Tutorial 7limsh
 
Group Assignment - Internet Security
Group Assignment - Internet SecurityGroup Assignment - Internet Security
Group Assignment - Internet Securitylimsh
 
BAIT1103 Tutorial 8
BAIT1103 Tutorial 8BAIT1103 Tutorial 8
BAIT1103 Tutorial 8limsh
 
BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11limsh
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 

Andere mochten auch (7)

BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
BAIT1103 Assignment Presentation
BAIT1103 Assignment PresentationBAIT1103 Assignment Presentation
BAIT1103 Assignment Presentation
 
BAIT1103 Tutorial 7
BAIT1103 Tutorial 7BAIT1103 Tutorial 7
BAIT1103 Tutorial 7
 
Group Assignment - Internet Security
Group Assignment - Internet SecurityGroup Assignment - Internet Security
Group Assignment - Internet Security
 
BAIT1103 Tutorial 8
BAIT1103 Tutorial 8BAIT1103 Tutorial 8
BAIT1103 Tutorial 8
 
BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 

Ähnlich wie BAIT1103 Chapter 3

Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication rajakhurram
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocolCT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocolHarini737456
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Gunaspresentation1
Gunaspresentation1Gunaspresentation1
Gunaspresentation1anchalaguna
 
Kerberos case study
Kerberos case studyKerberos case study
Kerberos case studyMayuri Patil
 
key distribution in network security
key distribution in network securitykey distribution in network security
key distribution in network securitybabak danyal
 
Kerberos Protocol
Kerberos ProtocolKerberos Protocol
Kerberos ProtocolNetwax Lab
 
TLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured CommunicationsTLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured CommunicationsNitin Ramesh
 
Authentication in manet
Authentication in manetAuthentication in manet
Authentication in manetmmubashirkhan
 

Ähnlich wie BAIT1103 Chapter 3 (20)

Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
1165839977.pptx
1165839977.pptx1165839977.pptx
1165839977.pptx
 
Kerberos
KerberosKerberos
Kerberos
 
CT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocolCT UNIT 5 Session 3.ppt User authentication and kerberos protocol
CT UNIT 5 Session 3.ppt User authentication and kerberos protocol
 
Kerberos
KerberosKerberos
Kerberos
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
6. Kerberos.ppt
6. Kerberos.ppt6. Kerberos.ppt
6. Kerberos.ppt
 
Elliptic curve cryptography
Elliptic curve cryptographyElliptic curve cryptography
Elliptic curve cryptography
 
Gunaspresentation1
Gunaspresentation1Gunaspresentation1
Gunaspresentation1
 
kerberos
kerberoskerberos
kerberos
 
Kerberos case study
Kerberos case studyKerberos case study
Kerberos case study
 
SSL And TLS
SSL And TLS SSL And TLS
SSL And TLS
 
Kerberos Architecture.pptx
Kerberos Architecture.pptxKerberos Architecture.pptx
Kerberos Architecture.pptx
 
key distribution in network security
key distribution in network securitykey distribution in network security
key distribution in network security
 
Kerberos Protocol
Kerberos ProtocolKerberos Protocol
Kerberos Protocol
 
Kerberos Architecture.pptx
Kerberos Architecture.pptxKerberos Architecture.pptx
Kerberos Architecture.pptx
 
Kerberos
KerberosKerberos
Kerberos
 
TLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured CommunicationsTLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured Communications
 
Authentication in manet
Authentication in manetAuthentication in manet
Authentication in manet
 

Mehr von limsh

BAIT2164 Topics for Revision
BAIT2164 Topics for RevisionBAIT2164 Topics for Revision
BAIT2164 Topics for Revisionlimsh
 
BAIT2164 Tutorial 9
BAIT2164 Tutorial 9BAIT2164 Tutorial 9
BAIT2164 Tutorial 9limsh
 
BAIT2164 Tutorial 8
BAIT2164 Tutorial 8BAIT2164 Tutorial 8
BAIT2164 Tutorial 8limsh
 
BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)limsh
 
BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)limsh
 
BAIT2164 Tutorial 5
BAIT2164 Tutorial 5BAIT2164 Tutorial 5
BAIT2164 Tutorial 5limsh
 
BAIT2164 Tutorial 4
BAIT2164 Tutorial 4BAIT2164 Tutorial 4
BAIT2164 Tutorial 4limsh
 
BAIT2164 Tutorial 3
BAIT2164 Tutorial 3BAIT2164 Tutorial 3
BAIT2164 Tutorial 3limsh
 
BAIT2164 Tutorial 2
BAIT2164 Tutorial 2BAIT2164 Tutorial 2
BAIT2164 Tutorial 2limsh
 
BAIT2164 Tutorial 1
BAIT2164 Tutorial 1BAIT2164 Tutorial 1
BAIT2164 Tutorial 1limsh
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8limsh
 
BAIT1103 Chapter 7
BAIT1103 Chapter 7BAIT1103 Chapter 7
BAIT1103 Chapter 7limsh
 
BAIT1103 Tutorial 6
BAIT1103 Tutorial 6BAIT1103 Tutorial 6
BAIT1103 Tutorial 6limsh
 
BAIT1103 Chapter 6
BAIT1103 Chapter 6BAIT1103 Chapter 6
BAIT1103 Chapter 6limsh
 
BAIT1103 Tutorial 5
BAIT1103 Tutorial 5BAIT1103 Tutorial 5
BAIT1103 Tutorial 5limsh
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5limsh
 
BAIT1103 Tutorial 4
BAIT1103 Tutorial 4BAIT1103 Tutorial 4
BAIT1103 Tutorial 4limsh
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4limsh
 
BAIT1103 Tutorial 3
BAIT1103 Tutorial 3BAIT1103 Tutorial 3
BAIT1103 Tutorial 3limsh
 
BAIT1103 Tutorial 2
BAIT1103 Tutorial 2BAIT1103 Tutorial 2
BAIT1103 Tutorial 2limsh
 

Mehr von limsh (20)

BAIT2164 Topics for Revision
BAIT2164 Topics for RevisionBAIT2164 Topics for Revision
BAIT2164 Topics for Revision
 
BAIT2164 Tutorial 9
BAIT2164 Tutorial 9BAIT2164 Tutorial 9
BAIT2164 Tutorial 9
 
BAIT2164 Tutorial 8
BAIT2164 Tutorial 8BAIT2164 Tutorial 8
BAIT2164 Tutorial 8
 
BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)BAIT2164 Tutorial 6 (Part 2)
BAIT2164 Tutorial 6 (Part 2)
 
BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)BAIT2164 Tutorial 6 (Part 1)
BAIT2164 Tutorial 6 (Part 1)
 
BAIT2164 Tutorial 5
BAIT2164 Tutorial 5BAIT2164 Tutorial 5
BAIT2164 Tutorial 5
 
BAIT2164 Tutorial 4
BAIT2164 Tutorial 4BAIT2164 Tutorial 4
BAIT2164 Tutorial 4
 
BAIT2164 Tutorial 3
BAIT2164 Tutorial 3BAIT2164 Tutorial 3
BAIT2164 Tutorial 3
 
BAIT2164 Tutorial 2
BAIT2164 Tutorial 2BAIT2164 Tutorial 2
BAIT2164 Tutorial 2
 
BAIT2164 Tutorial 1
BAIT2164 Tutorial 1BAIT2164 Tutorial 1
BAIT2164 Tutorial 1
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8
 
BAIT1103 Chapter 7
BAIT1103 Chapter 7BAIT1103 Chapter 7
BAIT1103 Chapter 7
 
BAIT1103 Tutorial 6
BAIT1103 Tutorial 6BAIT1103 Tutorial 6
BAIT1103 Tutorial 6
 
BAIT1103 Chapter 6
BAIT1103 Chapter 6BAIT1103 Chapter 6
BAIT1103 Chapter 6
 
BAIT1103 Tutorial 5
BAIT1103 Tutorial 5BAIT1103 Tutorial 5
BAIT1103 Tutorial 5
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5
 
BAIT1103 Tutorial 4
BAIT1103 Tutorial 4BAIT1103 Tutorial 4
BAIT1103 Tutorial 4
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4
 
BAIT1103 Tutorial 3
BAIT1103 Tutorial 3BAIT1103 Tutorial 3
BAIT1103 Tutorial 3
 
BAIT1103 Tutorial 2
BAIT1103 Tutorial 2BAIT1103 Tutorial 2
BAIT1103 Tutorial 2
 

Kürzlich hochgeladen

Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxDr. Ravikiran H M Gowda
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...Nguyen Thanh Tu Collection
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...Nguyen Thanh Tu Collection
 

Kürzlich hochgeladen (20)

Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 

BAIT1103 Chapter 3

  • 1. Chapter 3 Authentication Applications Key Distribution & User Authentication
  • 2. Objectives • Understand the issues involved in the use of symmetric encryption to distribute symmetric keys. • Give a presentation on Kerberos. • Explain the differences between versions 4 and 5 of Kerberos. • List and explain the elements in an X.509 certificate.
  • 3. No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman he would fear that some devil might take advantage of his weak state to slip into his body. —The Golden Bough, Sir James George Frazer
  • 4. Symmetric Key Distribution using symmetric encryption • For symmetric encryption to work, the two parties to an exchange must share the same key, and that key must be protected from access by others • Frequent key changes are usually desirable to limit the amount of data compromised if an attacker learns the key • Key distribution technique • The means of delivering a key to two parties that wish to exchange data, without allowing others to see the key
  • 5. Key Distribution • For two parties A and B, there are the following options: 1 2 3 4 • A key can be selected by A and physically delivered to B • A third party can select the key and physically deliver it to A and B • If A and B have previously and recently used a key, one party could transmit the new key to the other, using the old key to encrypt the new key • If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B
  • 6. Key Distribution • Options 1 and 2 call for manual delivery of a key • For link encryption, this is a reasonable requirement, because each link encryption device is only going to be exchanging data with its partner on the other end of the link • For end-to-end encryption, manual delivery is awkward – in a distributed system, any given host may need to engage in exchanges with many other hosts over time, thus, each device needs a number of keys supplied dynamically. • Option 3 is a possibility for either link encryption or end-toend encryption, but if an attacker ever succeeds in gaining access to one key, then all subsequent keys are revealed. • Even if frequent changes are made to the link encryption keys, these should be done manually • To provide keys for end-to-end encryption, Option 4 is preferable.
  • 7. Key Distribution • For Option 4, two kinds of keys are used: 1. Session key: • When two end systems (hosts, terminals, etc.) wish to communicate, they establish a logical connection (e.g. virtual circuit). • For the duration of that logical connection, called a session, all user data are encrypted with a one-time session key. • At the conclusion of the session the session key is destroyed. 2. Permanent key: • A permanent key is a key used between entities for the purpose of distributing session keys. • A necessary element of option 4 is a key distribution center (KDC)
  • 8. Key Distribution • KDC determines which systems are allowed to communicate with each other. • When permissions is granted for two systems to establish a connection, the key distribution center provides a one-time session key for that connection. • The automated key distribution approach provides the flexibility and dynamic characteristics needed to allow a number of users to access a number of servers and for the servers to exchange data with each other. • The most widely used application that implements this approach is Kerberos.
  • 9. The Operation of KDC 1. 2. 3. When host A wishes to set up a connection to host B, it transmits a connection-request packet to the KDC. The communication between A and KDC is encrypted using a master key shared only by A and KDC. If KDC approves the connection request, it generates a unique one-time session key. It encrypts the session key using the permanent key it shares with A and delivers the encrypted session key to A. Similarly, it encrypts the session key using the permanent key it shares with B and delivers the encrypted session key to B. A and B can now set up a logical connection and exchange messages and data, all encrypted using the temporary session key. Session key MKA, PKA 3 Host A 1 MKB, PKB Host B messages PKA Session key Connectionrequest 2 MKA KDC MKA, PKA MKB, PKB MK = master key PK = permanent key Session key 2 PKB
  • 10. Kerberos • Key distribution and user authentication service developed at MIT • Provides a centralized authentication server whose function is to authenticate users to servers and servers to users • Relies exclusively on symmetric encryption, making no use of public-key encryption Two versions are in use • Version 4 implementations still exist, although this version is being phased out • Version 5 corrects some of the security deficiencies of version 4 and has been issued as a proposed Internet Standard (RFC 4120)
  • 11. Problem Kerberos addresses • Assume an open distributed environment in which users at workstations wish to access services on servers distributed throughout the network. • Servers are able to restrict access to authorized users and are able to authenticate requests for service. • A workstation cannot be trusted to identify its users correctly to network services. • The following three threats exist: • A user may gain access to a particular workstation and pretend to be another user operating from that workstation • A user may alter the network address of a workstation so that the requests sent from the altered workstation appear to come from the impersonated workstation. • A user may eavesdrop on exchanges and use a replay attack to gain entrance to a server or to disrupt operations.
  • 12. Kerberos requirements The first published report on Kerberos [STEI88] listed the following requirements: • Secure: A network eavesdropper should not be able to obtain the necessary information to impersonate a user. More generally, Kerberos should be strong enough that a potential opponent does not find it to be the weak link. • Reliable: For all services that rely on Kerberos for access control, lack of availability of the Kerberos service means lack of availability of the supported services. Hence, Kerberos should be highly reliable and should employ a distributed server architecture, with one system able to back up another. • Transparent: Ideally, the user should not be aware that authentication is taking place, beyond the requirement to enter a password. • Scalable: The system should be capable of supporting large numbers of clients and servers. This suggests a modular, distributed architecture.
  • 13. Kerberos version 4 • A basic third-party authentication scheme • Authentication Server (AS) • Users initially negotiate with AS to identify self • AS provides a non-corruptible authentication credential (ticket granting ticket TGT) • Ticket Granting Server (TGS) • Users subsequently request access to other services from TGS on basis of users TGT • Complex protocol using DES
  • 14. A simple authentication dialogue Terms: C = Client AS = authentication server V = server IDc = identifier of user on C IDv = identifier of V Pc = password of user on C ADc = network address of C Kv = secret encryption key shared by AS and V TS = timestamp || = concatenation • A simple authentication step flows: Client’s (ID + Password) + Server’s ID (1) : C  AS : (2): IDc || Pc || IDv AS  C : Ticket Encrypted by secret encryption key shared by AS and V [ Client’s (ID + Password) + Server’s ID ] Ticket = E(Kv[IDc || ADc || IDv] (3): CV : IDc || Ticket
  • 15. A simple authentication dialogue • Each of the ingredients of message (3) is significant. • The ticket is encrypted to prevent alteration or forgery • The server’s ID (IDv) is included in the ticket so that the server can verify that it has decrypted the ticket properly. • IDc is included in the ticket to indicate that this ticket has been issued on behalf of C. • ADc serves to counter threat of an opponent captures the ticket transmitted in message (2), then use the name IDc and transmit a message of form (3) from another workstation. • To prevent this attack, AS includes in the ticket the network address from which the original request came. • The ticket is valid only if it is transmitted from the same workstation that initially requested the ticket.
  • 16. A more secure authentication dialogue • Problems: 1. Minimize then number of times that a user has to enter a password. • 2. Suppose each ticket can be used only once Plaintext transmission of the password in message (1). • An eavesdropper could capture the password and use any service accessible to the victim • To solve these additional problems, a scheme for avoiding plaintext passwords and a new server is introduced as the ticket-granting server (TGS). • TGS issues tickets to users who have been authenticated to AS.
  • 17. A More secure authentication dialogue 1. The client (C) requests a ticket-granting ticket on behalf of the user by sending its user’s ID to AS with TGS ID. 2. AS responds with ticket (encrypted with key derived from user’s password [Kc]. When this response arrives at C, user is prompted for password, generates the key, and attempts to decrypt incoming message. 3. C requests a service-granting ticket on behalf of user. C transmits a message to TGS containing user’s ID, the ID of desired service (IDv) and ticket-granting ticket. 4. TGS decrypts incoming ticket using a key shared only by AS and TGS (Ktgs) and verifies success of decryption by its ID, checks expiry of lifetime, and compares user ID and network address. If user is permitted access to server V, TGS issues a ticket. 5. C requests access to a service on behalf of user. C transmits message to server containing user’s ID and service-granting ticket. Server authenticates by using the contents of the ticket. Once per user logon session: (1) C  AS : IDc || IDtgs (2) AS  C : E(Kc, Tickettgs) Once per type of service: (3) C  TGS: IDc || IDv || Tickettgs (4) TGS  C: Ticketv Once per service session: (5) C  V: IDc || Ticketv *Tickettgs = E(Ktgs,[IDc || ADc || IDtgs || TS1 || Lifetime1 ]) *Ticketv = E(Kv,[IDc || ADc || IDv || TS2 || Lifetime2 ])
  • 18. Version 4 authentication dialogue • Problems: • Lifetime associated with the ticket-granting ticket 1. 2. If lifetime is too short (e.g. minutes), then the user will be repeatedly asked for password. If lifetime is too long (e.g. hours), then an opponent has greater opportunity to replay. • An opponent could eavesdrop and capture a copy of the ticket-granting ticket and then wait for the legitimate user to log out. Then the opponent could forge the legitimate user’s network address and send the message (3) to TGS. • An opponent captures a service-granting ticket and uses it before it expires. • Solutions: • A network service (TGS or application service) must be able to prove that the person using a ticket is the same person to whom the ticket was issued. • For servers to authenticate themselves to users to prevent sabotage of false server in a position to act as a real server, capture any information from the user and deny the true service to user.
  • 19. Table 4.1 Summary of Kerberos Version 4 Message Exchanges
  • 20. • AS provides C and TGS with a secret piece of information in a secure manner. C can prove its identity to TGS by revealing the secret information, again in a secure manner. An efficient way of accomplishing this is to use an encryption key as the secure information – a session key in Kerberos. • C sends message to AS requesting access to TGS. • AS responds with message encrypted with a key derived from user’s password (Kc), that contains the ticket. • The encrypted message also contains a copy of the session key, Kc,tgs (for both C and TGS). • Because this session key is inside message encrypted with Kc only C can read it. Same session key is included in the ticket, which can be read only by TGS. • Thus, the session key has been securely delivered to both C and TGS.
  • 21. • C sends TGS a message includes the ticket plus the ID of the requested service. In addition, C transmits an authenticator, which includes ID and address of C’s user and a timestamp. • Unlike the ticket which is reusable, the authenticator is intended for use only once and has a very short lifetime. • TGS decrypt the ticket with the key shared with AS. This ticket indicates C has been provided session key Kc,tgs. TGS uses the session key to decrypt the authenticator. TGS checks name and address from authenticator with that of the ticket and with the network address of incoming message. • TGS replies with message encrypted with session key shared by TGS and C and includes session key to be shared between C and server V, the ID of V, and the timestamp. The ticket itself includes the same session key.
  • 22. • C now has a reusable service-granting ticket for V. When C presents the ticket, it also sends an authenticator. V can decrypt the ticket, recover the session key, and decrypt the authenticator. • If mutual authentication is required, the server can reply to C the value of timestamp from the authenticator, incremented by 1, and encrypted in the session key. C can decrypt this message to recover the incremented timestamp. • Because the message was encrypted by the session key, C is assured that it could have been created only by V. The contents of the message assure C that this is not a replay of an old replay.
  • 23.
  • 24.
  • 25. Kerberos Realms • Kerberos realm • A set of managed nodes that share the same Kerberos database • The Kerberos database resides on the Kerberos master computer system, which should be kept in a physically secure room • A read-only copy of the Kerberos database might also reside on other Kerberos computer systems • All changes to the database must be made on the master computer system • Changing or accessing the contents of a Kerberos database requires the Kerberos master password A Kerberos environment consists of: A Kerberos server • Have user ID and hashed passwords of all participating users • Have shared secret key with each server A number of clients A number of application servers
  • 26. Kerberos principal • A service or user that is known to the Kerberos system • Each Kerberos principal is identified by its principal name A service or user name An instance name A realm name Principal names consist of three parts Principal name
  • 27. Differences between versions 4 and 5 Environmental shortcomings • Encryption system dependence • Internet protocol dependence • Message byte ordering • Ticket lifetime • Authentication forwarding • Interrealm authentication Technical deficiencies • Double encryption • PCBC encryption • Session keys • Password attacks
  • 28. Environmental Shortcomings Version 4 Version 5 Encryption system dependence DES Ciphertext tagged with an encryption-type identifier so any encryption technique may be used Internet protocol dependence Internet Protocol (IP) addresses Network addresses are tagged with type & length, allowing any network address type Message byte ordering Byte ordering of its own choosing Abstract Syntax Notation One (ASN.1) & Basic Encoding Rules (BER) provide unambiguous byte ordering Ticket lifetime 8-bit quantity in units of five minutes Explicit start time & end time, allowing arbitrary lifetimes Authentication forwarding Does not allow credentials issued to one client to be forwarded to some other host and used by other client Provides this capability E.g. client issues a request to a print server then accesses the client’s file from a file server, using the client’s credentials for access Interrealm authentication Interoperability among N Supports method that requires fewer 2 relationships realms requires the order of N Kerberos-to-Kerberos relationships
  • 29. Technical Deficiencies Version 4 Version 5 Double encryption Tickets provided to clients are encrypted twice – once with the secret key of target server and then again with a secret key known to the client Second encryption is not necessary and is computationally wasteful PCBC encryption Nonstandard mode of DES – propagating cipher block chaining (PCBC) – vulnerable to attack Integrity mechanisms, allowing standard CBC mode for encryption – checksum or hash code is attached to message prior to encryption using CBC Session keys Same ticket may be used repeatedly to gain service from server, risk of replay messages from old session to client or server Possible for client and server to negotiate a subsession key which to be used for that one connection – new access requires new subsession key Password attacks Vulnerable to password attack Provide mechanism known as preauthentication – make password attacks more difficult but does not prevent them
  • 31. • C requests for ticket-granting ticket in message (1). As before, it includes the ID of user and TGS with following new elements added: • Realm: indicates realm of user • Options: used to request that certain flags be set in the returned ticket • Times: used by C to request following time settings in the ticket: • • Till: the requested expiration time for the requested ticket • • From: the desired start time for the requested ticket rtime: requested renew-till time Nonce: A random value to be repeated in message (2) to assure that the response is fresh and has not been replayed • AS returns a ticket-granting ticket, identifying information for client, and a block encrypted using encryption key based on user’s password. This block includes session key for C and TGS, times specified and nonce in (1), and TGS identifying information. • The ticket includes session key, identifying information for C, requested time values, and flags that reflect status of the ticket and the requested options.
  • 32. V4 V5 • Message (3) for both versions includes authenticator, a ticket and the name of the requested service. In addition, version 5 includes requested times and options for the ticket and a nonce • Message (4) returns a ticket plus information needed by C, with information encrypted using the session key now shared by C and TGS
  • 33. V4 V5 • In message (5), C may request as an option that mutual authentication is required. The authenticator includes new fields: • Subkey: C’s choice for an encryption key to be used to protect this specific application session. If this field is omitted, the session key from ticket (Kc,v) is used, • Sequence number: optional field that specified the starting sequence number to be used by the server for messages sent to the client during this session. Messages may be sequence numbered to detect replays. • If mutual authentication is required, server V responds with message (6) includes timestamp from authenticator without increment of one because it is not possible to create message (6) without appropriate encryption keys. • The subkey field, if present, overrides the subkey field in message (5). The optional sequence number field specifies the starting sequence number to be used by C.
  • 34. X.509 Certificates • ITU-T recommendation X.509 is part of the X.500 series of recommendations that define a directory service • The directory is, in effect, a server or distributed set of servers that maintains a database of information about users. • The information includes a mapping from user name to network address, other attributes and information about users. • Defines a framework for the provision of authentication services by the X.500 directory to its users • The directory may serve as a repository of public-key certificates • Defines alternative authentication protocols based on the use of public-key certificates • Was initially issued in 1988 • Based on the use of public-key cryptography and digital signatures • The standard does not dictate the use of a specific algorithm but recommends RSA. The digital signature scheme is assumed to require the use of hash function.
  • 35. • • • • • • • • • • • Version: Differentiates among successive versions of certificate format (default version 1) Serial number: An integer value, unique within the issuing CA Signature algorithm identifier: algorithm used to sign certificate Issuer name: X.500 name of CA Period of validity: 1st and last dates which certificate is valid Subject name: name of the user to whom this certificate refers Subject’s public-key info: public key, identifier of algorithm, associated parameters Issuer unique identifier: optional bit string field to identify CA Subject unique identifier: optional bit string field to identify subject Extensions: a set of one or more extension fields Signature: contains hash code of the other fields encrypted with CA’s private key
  • 36. • The CA signs the certificate with its private key. • If the corresponding public key is known to a user, then that user can verify that a certificate signed by the CA is valid. • This is the typical digital signature approach
  • 37. Obtaining a user’s certificate • User certificates generated by a CA have the following characteristics: • Any user with access to the public key of the CA can verify the user public key that was certified • No party other than the certification authority can modify the certificate without this being detected • Because certificates are unforgeable, they can be placed in a directory without the need for the directory to make special efforts to protect them
  • 38. The connected circles indicate the hierarchical relationship among the CAs; the associated boxes indicate certificates maintained in the directory for each CA entry. The directory entry for each CA includes two types of certificates: • Forward certificates: Certificates of X generated by other CAs • Reverse certificates: Certificates generated by X that are the certificates of • other CAs
  • 39. Revocation of certificates • Each certificate includes a period of validity • Typically a new certificate is issued just before the expiration of the old one • It may be desirable on occasion to revoke a certificate before it expires for one of the following reasons: • The user’s private key is assumed to be compromised • The user is no longer certified by this CA; reasons for this include subject’s name has changed, the certificate is superseded, or the certificate was not issued in conformance with the CA’s policies • The CA’s certificate is assumed to be compromised
  • 40. X.509 Version 3 The X.509 version 2 format does not convey all of the information that recent design and implementation experience has shown to be needed. [FORD95] lists the following requirements not satisfied by version 2: 1. The Subject field is inadequate to convey the identity of a-key owner to a public-key user. X.509 names may be relatively short and lacking in obvious identification details that may be needed by the user. 2. The Subject field is also inadequate for many applications, which typically recognize entities by an Internet e-mail address, a URL, or some other Internet related identification. 3. There is a need to indicate security policy information. This enables a security application or function, such as IPSec, to relate an X.509 certificate to a given policy. 4. There is a need to limit the damage that can result from a faulty or malicious CA by setting constraints on the applicability of a particular certificate. 5. It is important to be able to identify different keys used by the same owner at different times. This feature supports key life cycle management, in particular the ability to update key pairs for users and CAs on a regular basis or under exceptional circumstances.
  • 41. X.509 Version 3 Includes a number of optional extensions that may be added to the version 2 format Each extension consists of: • An extension identifier • A criticality indicator • An extension value The certificate extensions fall into three main categories: • Key and policy information • Subject and issuer attributes • Certification path constraints
  • 42. Key and policy information • These extensions convey additional information about the subject and issuer keys, plus indicators of certificate policy • A certificate policy is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements Includes: • • • • • • Authority key identifier Subject key identifier Key usage Private-key usage period Certificate policies Policy mappings
  • 43. Certificate subject and issuer attributes • These extensions support alternative names, in alternative formats, for a certificate subject or certificate issuer and can convey additional information about the certificate subject to increase a certificate user’s confidence that the certificate subject is a particular person or entity Includes: • Subject alternative name • Issuer alternative name • Subject directory attributes
  • 44. Certification path constraints • These extensions allow constraint specifications to be included in certificates issued for CAs by other CAs • The constraints may restrict the types of certificates that can be issued by the subject CA or that may occur subsequently in a certification chain Includes: • Basic constraints • Name constraints • Policy constraints
  • 45. Summary • Symmetric key distribution using symmetric encryption • Key distribution center (KDC) • Kerberos • • Version 4 • A simple authentication dialogue • A more secure authentication dialogue • Version 4 Authentication dialogue • Kerberos realms Version 5 • Differences between version 4 and 5 • Version 5 Authentication dialogue • X.509 certificates • Certificates • Obtaining a user’s certificate • Revocation of certificates • X.509 Version 3