Security. Security Needs. Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to the genuine users. Security policy is to ensure that. Security Services. Authentication Access control Data confidentiality
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Security
Security Needs
Security policy is to ensure that
Security Services
Security Services
Authentication
Security Services
Access control
Security Services
Data confidentially
Security Services
Data integrity
Security Services
Non-repudiation
Security Mechanisms
To provide security services, some specific security mechanisms may be implemented:
DES
Encryption
64 bit message
56 bit key
DES Overview
64 bit ciphertext
Strength of DES
Strength of DES
k2
k1
k1
DES
Encrypt
DES
Decrypt
DES
Encrypt
ciphertext
plaintext
Triple DES
k2
k1
k1
DES
Decrypt
DES
Encrypt
DES
Decrypt
plaintext
ciphertext
Triple DES
Triple DES
AES
AES
Public Key Encryption
Public Key Encryption
Plaintext
Encryption
Decryption
Key K1
Key K2
Two Keys
English
Message
Encryption
Decryption
English
Message
Alice’s
Private
Key K1
Alice’s
Public
Key K2
Bob
Alice
Proof of Identity
English
Message
Encryption
Encryption
Encrypted
Message
Alice’s
Private Key
Bob’s
Public Key
Alice
Confidentiality + Identity
RSA Algorithm
Input = x
(variable
Length)
Hash Function
Output = y
(fixed length)
Hash Function
MD5
Secure Hash Algorithm (SHA)
Digital Signature
…..
……
…..
…..
…..
……
…..
…..
Alice’s Private key
DS
Hash
Encrypt
Alice
Digital Signature Generation
…..
……
…..
…..
Hash
Alice’s Public key
DS
Compare
Decrypt
Equal => authentic message
Not equal => non-authentic
Bob
Digital Signature Verification
Public Key Infrastructure
Bob
Public key
Alice
Public key
Eve
Public key
David
Public key
Web of Trust
Certification Authority
CA
d
c
a
b
A CA Supporting Many Users
Certificate
CA
Alice’s certificate
Other certificates
to other users
Cert. I.D.:123716
Name:Alice
Public key:001010…
Valid date:xx to yy
……
……
Sign:________
Signed by CA
Certificate
Revocation
Public Key Infrastructure
Public Key Infrastructure
CA 3
CA 2
CA 4
CA 1
user 6
user 1
user2
user 3
user 4
user 5