- By
**liora** - Follow User

- 66 Views
- Uploaded on

Download Presentation
## PowerPoint Slideshow about 'E-Commerce Architectures and Technologies' - liora

**An Image/Link below is provided (as is) to download presentation**

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Email

Email

Security Service Layers

Non-repudiation

Data Integrity

Data Confidentiality

Access Control

Authentication

Authentication

- Typically the first step to gain access to a system
- user name and password
- Process of proving your identity
- Kerberos is an example
- Data Origin Authentication Service
- provides confirmation that the source of data received is as claimed.
- Peer-Entity Authentication Service
- provides confirmation that a peer entity in an association is the one claimed

Access Control

- Provides protection against the unauthorized use of accessible resources using network protocols
- permissions for files, directories, and processes
- Specifies what resources a user or service may access on the network
- A prerequisite for access control is proper authentication

Data Confidentiality

- Protection of data from unauthorized disclosure
- connection confidentiality
- connectionless confidentiality
- traffic flow confidentiality
- Protection of data from passive threats

Data Integrity

- Provides protection from active threats
- Connection Integrity with Recovery Service
- Connection Integrity without Recovery Service
- Selective Field Connection Integrity Service
- Connectionless Integrity Service
- Selective Field Connectionless Integrity Service

Non-repudiation

- The denial by one of the entities involved in a communication of having participated in all or part of the communication
- Prevents one of the entities involved in a communication to later deny having participated in all or part of the communication
- Non-Repudiation of Origin Service
- Non-Repudiation of Receipt Service

Telnet

HTTP

HTTP

FTP

FTP

TCP

TCP

TCP

TCP

IP

IP

IP

IP

Security Transport ProtocolsSecure Messaging

(S-MIME, PGP)

Telnet over SSL

FTP over SSL

HTTP over SSL

Secure Telnet

Secure HTTP

Secure FTP

SSL

Network layer

Transport layer

Application layer

Above the

application layer

Historical Ciphers

- Nonstandard hieroglyphics, 1900BC
- Atbash cipher (Old Testament, reversed Hebrew alphabet, 600BC)
- Caesar cipher;
- letter = letter + 3
- ‘fish’ -> ‘ilvk’
- rot13: Add 13/swap alphabet halves
- usenet convention used to hide possibly offensive jokes
- applying it twice restores original text

Substitution Ciphers

- Simple substitution cipher;
- a=p, b=m, c=f…
- Break via letter frequency analysis
- Polyalphabetic substitution cipher
- 1. A=p, b=m, c=f…
- 2. A=l, b=t, c=a…
- 3. A=f, b=x, c=p,…
- Break by decomposing into individual alphabets, then solve as simple substitution

One-time Pad (1917)

- OTP is unbreakable provided
- pad is never reused
- unpredictable random numbers are used (physical sources, eg radioactive decay)

Message s e c r e t

18 5 3 17 5 19

OTP +15 8 1 12 19 5

--------------------------------------------------

17 13 4 3 24 24

g m d c x x

One time Pad

- Used by
- Russian spies
- Washington-Moscow “hot-line”
- CIA covert operations
- Many snake oil algorithms claim unbreakability by claiming to be a OTP
- pseudo-OTPs provide pseudo-security
- Cipher machines attempted to create approximations to OTPs, first mechanically, then electronically

Cipher Machines (1920)

- Basic component is a wired rotor
- simple substitution
- Step the rotor after each letter
- polyalphabetic substitution, period = 26

-> ‘M’

‘A’ ->

Cipher Machines

- Chain multiple rotors
- Each steps the next one when a full turn is complete

-> ‘P’

‘A’ ->

Cipher Machines

- Two rotors, period = 26 X 26 = 676
- Three rotors, period = 26 X 26 X 26 = 17,576
- Rotor sizes are chosen to be relatively prime to give maximum-length sequence
- Key is rotor wiring and rotor start position

Cipher Machines

- Famous rotor machines
- Japan, Red, Purple
- Germany, Enigma
- Secure if used properly
- use of predictable openings (“nothing to report”, “Mein Fuehrer”)
- use of same key over an extended period

Stream Ciphers

- Binary pad (keystream), use XOR instead of addition
- Plaintext = original, unencrypted data
- Ciphertext = encrypted data
- Two XORs with the same data always cancel out

Plaintext 1 0 0 1 0 1 1

Keystream 0 1 0 1 1 0 1

Ciphertext 1 1 0 0 1 1 0

Keystream 0 1 0 1 1 0 0

Plaintext 1 0 0 1 0 1 1

Stream Ciphers

- Using the keystream and ciphertext we can recover the plaintext
- But..using the plaintext and ciphertext we can recover the keystream
- Using two ciphertexts from the same keystream we can recover the XOR of the plaintexts
- Any two will recover the third (don’t reuse keys of stream cipher)

RC4

- Stream cipher optimized for fast software implementation
- 2048 bit key, 8 bit output
- Extremely fast
- Used in SSL (Netscape, MSIE), Lotus Notes, Windows, Adobe Acrobat, Oracle Server
- Easy to get wrong

Block Ciphers

- F() function is a simple transformation, does not have to be reversible
- Each step is called a round, the more rounds, the greater the security
- DES is an example of block cipher
- 16 rounds
- 56 bit key
- 64 bit block size (L,R = 32 bits)

Attacking Block Ciphers

- Differential cryptanalysis
- looks for correlations in f() function input and output
- Linear cryptanalysis
- looks for correlations between key and cipher input and output
- Related-key cryptanalysis
- looks for correlations between key changes and cipher input/output

Data Encryption Standard (DES)

- Widely-used method of encryption using a private (secret) key
- Restricted for exportation to other countries
- 72 quadrillion or more possible encryption keys that can be used
- For each given message, the key is chosen at random from among this number of keys
- Sender and receiver must know and use the same private key

Strength of DES

- Key size = 56 bits
- Brute force = 2**55 attempts
- Differential cryptanalysis = 2**47
- Linear cryptanalysis = 2**43
- Can be done relatively easily with FPGA or ASIC (8 cents/key)
- 1998: German court ruled DES unsafe for financial applications

Other Block Ciphers

- Triple DES (3DES)
- encrypt+decrypt+encrypt with 2 (112 bits) or 3(168 bits) DES keys
- 1998 - banking auditors were requiring the use of 3DES rather than DES
- RC2
- companion to RC4, 1024 bit key
- RC2 and RC4 have special status for US exportability

Other Block Ciphers

- AES
- Advanced Encryption Standard, replacement for DES
- 128 bit block size, 128/192/256 bit key

Public Key Encryption

- How can you use two different keys?
- One is the inverse of the other:
- key1 = 3, key2 = 1/3, message M = 4
- Encryption: Ciphertext C = M X Key1
- = 4 X 3
- = 12
- Decryption: Plaintext M = C X key2
- = 12 X 1/3
- = 4
- One key is published, one is kept private -> public-key cryptography (PKC)

Example: RSA

- N, e=public key, n=product of two primes q and p
- d=private key
- Encryption: C = M**e mod n
- Decryption: M = C**d mod n
- p,q = 5,7
- n = p X Q
- =35
- e=3
- d= e**-1 mod ((p-1)(q-1))
- = 16

Example: RSA

- Message M = 4
- Encryption: C = 4**3 mod 35 = 29
- Decryption: M 29**16 mod 35 = 4

RSA

- An Internet encryption and authentication system that uses an algorithm developed by Ron Rivest, Adi Shamir, and Leonard Adleman
- Most commonly used encryption and authentication algorithm
- Included as part of the Web browsers from Netscape and Microsoft

RSA

- Other applications;
- Lotus Notes
- Intuit's Quicken
- Owned by RSA Security
- licenses the algorithm technologies
- sells development kits
- technologies are part of existing or proposed Web, Internet, and computing standards

How RSA Works

- Algorithm involves multiplying two large prime numbers (a prime number is a number divisible only by that number and 1) and additional operations to derive a set of two numbers that constitutes the public key and another set that is the private key
- Once the keys have been developed, the original prime numbers are no longer important and can be discarded

How RSA Works

- Both the public and the private keys are needed for encryption /decryption but only the owner of a private key ever needs to know it
- Using the RSA system, the private key never needs to be sent across the Internet
- The private key is used to decrypt text that has been encrypted with the public key

How RSA Works

- If I send you a message, I can find out your public key (but not your private key) from a central administrator and encrypt a message to you using your public key
- When you receive it, you decrypt it with your private key

How RSA Works

- You can also authenticate yourself to me (so I know that it is really you who sent the message) by using your private key to encrypt a digital certificate
- When I receive it, I can use your public key to decrypt it.

Public Key Algorithms

- RSA (Rivest-Shamir-Adleman)
- digital signatures and encryption in one algorithm
- private key = sign and decrypt
- public key = signature check and encrypt
- DH (Diffie-Hellman)
- key exchange algorithm

Public Key Algorithms

- DSA (Digital Signature Algorithm)
- All have roughly the same strength
- 512 bit key is marginal
- 1024 bit key is recommended minimal size
- 2048 bit key is better for long term security

Symmetric key

- Same key used to encrypt and decrypt
- Sender and receiver must hold same secret or key confidentiality
- Data Encryption Standard (DES) algorithm
- Merchants must administer secret keys to all customers and provide them through secure channel (hard!)

Asymmetric key

- Two distinct keys
- public key
- private key
- Data encrypted using public key can only be decrypted using the corresponding private key
- Multiple senders can encrypt information using the public key
- receiver uses the private key to decrypt
- Receiver must protect the private key

Private key

Encrypted

digital

signature

What the Sender DoesMessage

to send

Hash

algorithm

Message

digest

Sender

Digital

signature

Encryption

Random

key

Random

key

Receiver

public

key

Encrypted

message

Digital envelope

Receiver

1011001

Message

digest

Message

digest

Encrypted

message

Encrypted

digital

signature

What the Receiver Does

Sender

Random

key

Receiver

Private key

Original

Message

Digital envelope

Hash

function

Sender

public

key

Hash Algorithms

- Reduce variable length input to fixed length (128 or 160 bit) output
- Requirements
- can’t deduce input from output
- can’t generate a given output (CRC fails this requirement)
- can’t find two inputs which produce the same output (CRC fails this too)

Hash Algorithms

- Used to
- produce fixed length fingerprint of arbitrary length data
- produce data checksums to enable detection of modifications
- distill passwords down to fixed length encryption keys
- Also called message digests or fingerprints

Public-key cryptography

- Easier for customer to download public key from a merchant
- Public-key can be used with secret-key without too much difficulty
- customer generates a random number used to encrypt payment info using DES
- DES key is then encrypted using the public key of the merchant
- info and encrypted key sent tp merchant
- merchant first decrypts the key; then uses key to decrypt payment information

Secret key and Public Key

Features

Secret Key

Public Key

Number of keys

Single key

Pair of keys

Type of keys

Key is secret

One key is

private, one key

is public

Key

Simple but difficult

Need digital

management

to manage

certificates and

trusted third

parties

Relative speeds

Very fast

Slower

Usage

Used for bulk data

Used for less

encryption

demanding

applications

such as

encrypting

small

documents or

to sign

messages

Key Sizes and Algorithms

- Conventional key is used once per message
- Public key is used for hundreds or thousands of messages
- Public key compromise is much more serious than a conventional key compromise
- Compromised logon password, attacker can delete your files

Key Sizes and Algorithms

- Compromised private key, attacker can
- drain credit card
- clean out bank account
- sign contracts/documents
- identify theft
- 512 public key versus 40 bit conventional key is good balance for weak security

Key Sizes and Algorithms

- Recommendations for public keys
- use 512 bit keys for micropayments/smart cards
- use 1K bit keys for short term use (1 yr)
- use 1.5K bit keys for longer term use
- use2K bit keys for certification authorities, long term contract signing

Digital Signature

confidentiality

Encryption

Basic ServicesPhysical world

Digital world

authentication

Digital Certificate

Certificate request

Digital Certificate

Certificate

Authority

Name

Authority

Serial #

Version

Expiration Date

Key

Digital Signature

X.509

Conventional Encryption

Insecure

channel

secure channel

Problem of communicating a large message in secret is

reduced to communicating a small key in secret

Key Agreement

Key agreement

Insecure

channel

Provides part of the required secure channel for

exchanging a conventional encryption key

public key

John’s

public key

Mary’s

private key

John’s

private key

Mary’s

private key

Certificate AuthorityJohn’s

private key

Certificate Authority

- Trusted Third Party
- similar to a passport office
- Determines policies for PKI
- Registers users, system
- Validates users, privileges
- Issues certificates
- Supports life cycle (revoke, renew)
- Publishes directories
- Manages risk
- Protects CA signing key

Public Key

Infrastructure (PKI)

X.500

Registration

Authority

Certificate

Authority

Mary’s

private key

Mary’s

public key

John’s

private key

John’s

public key

Mary’s

private key

John’s

private key

John’s

private key

Mary’s

public key

Payment Integrity

- Hashing algorithms used to prevent fraud or other sources or error
- generates value unique to the data being sent
- hash value or “message digest”
- one way public cipher
- no secret key
- no way to reproduce the original information
- impossible to hash other data to the same value
- hash value sent with data and used to compare to hash value generated at the other end

Hashing

- Hash algorithm is public
- anyone can alter data and recalculate new value
- Message digest encrypted using private key of the sender
- this is called a “digital signature”
- possible to identify sender
- only the owner of the private key can encrypt message digest
- private key used to encrypt (sign) the information
- public key used to verify signature

digest

Hashing

Message

digest

Hashing

Message

digest

Digital SignaturesCreation

Transmission

Payment

info

Private key

Verification

Reception

Compare the

two

digests

Private key

How safe is a digital signature?

- Algorithm used by SET generates a 160 bit message digest
- changing a single bit in the message will on average change half the bits in the message digest
- Odds of two messages having the same message digest are one in 1,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 (10**16)

Digital Signature Examples

Scenario 1: Susan ordering from Online Mart

1. Only Online Mart can decrypt the order.

2. Verify that Susan sent the order.

Susan

Encrypt with

Online Mart’s

public key

Decrypt with

Online Mart’s

private key

Online Mart

Order Info

Order Info

Digital

signature

Digital

signature

Encrypt with

Susan’s

private key

Decrypt with

Susan’s

public key

Scenario 2: Online Mart sends confidential info to Susan

Online Mart

Susan

Confidential

Info

Encrypt with

Susan’s

public key

Decrypt with

Susan’s

private key

Confidential

Info

Ciphered

text

Payment and Purchase Order Process

- 1. Account holder registration
- 2. Merchant registration
- 3. Account holder (customer) ordering
- 4. Payment authorization

Account holder registration

- Must register with a 3rd party (TP)
- must have a copy of the TP public/private key set
- web page download
- disk
- flashcard
- account holder can register account for Internet use with public key

Account holder registration

- Registration includes
- name and address
- account number
- identifying personal information
- Account holder S/W will
- create/attach account holder public key to form
- generate message digest from the info
- encrypt info and disgest (secret key)
- encrypt secret key using TP public key
- transmit everything to TP

digest

Hashing

Message

digest

Account Holder Registration1

2

Account

holder

public key

3

5

Encrypted

message

Secret

key

Transmission

4

TP

public

key

Third Party Registration

- 1. Decrypts the secret key
- 2. Decrypts the information, message digest, and account holders public key
- 3. Computes and compares message digests
- If information is verified TP digitally signs info with private key and sends back to account holder to save and use in future transactions

message

Message

digest

Message

digest

Third Party Receives Registration2

Encrypted

message

Hashing

3

Reception

Comparison

1

TP

private

key

Merchant Registration

- Merchants must register with TP
- Visa
- Mastercard, etc
- Similar to account registration
- Certified Documentation (CD) transferred to the merchant from the TP for storage on merchant computer

Customer Ordering

- Customer must have copy of merchant public key for particular account type
- Customer asked what type of account
- CD for that account sent
- Customer certifies CD using key
- Customer allowed to shop in the on-line environment
- Customer fills out appropriate information when ordering products

Customer Software

- 1. Encrypts account information with the TP public key
- 2. Attaches encrypted account info to order form
- 3. Creates message digest of order form; digitally signs it with customer private key

Customer Software

- 4. Secret-key encryption for
- order form
- digital signature
- customer CD
- 5. Secret key encrypted with merchants public key
- 6. Secret-key encrypted message transmitted to merchant

Customer Ordering - Order sent to merchant

1

2

3

Hashing

Account

TP

public

key

Encrypted

account

Message

digest

Customer

private

key

Encrypted

message

4

6

Secret key

Transmission

5

Merchant

public key

Customers

CD

Merchant Software Functions

- 1. Decrypt secret key using private key of merchant
- 2. Decrypt order form, digital signature and customer CD using secret ket
- 3. Decrypt MD using customer public key obtained from customer CD (to verify digital signature)
- 4. Calculate MD from order form and compare with customer decrypted MD

Customer Ordering - Merchant receives order

4

2

Encrypted

message

Message

digest

Reception

Encrypted

message

Hashing

Compare

Message

digest

Customer’s

public key

3

1

Merchant

private

key

TP

public key

Customer’s

public key

Customers

CD

Certificates: Need for Authentication

- Before using public-key cryptography, need to make sure other party is authenticated
- want to make sure other party’s public key is really theirs and not an imposter’s
- impractical to receive this information directly from the other party over a secure channel

Certificates: Need for Authentication

- Alternative is to use a trusted third party
- Certificate Authority (CA) used to authenticate public key
- authenticate based on published policies
- certificate generated which includes name and public key and digitally signed by CA

Certificate Classes

- Class 1
- automated unambiguous name and e-mail address search
- Class 2
- Class 1 plus automated enrollment information check (driver’s license, SSN, DOB) and automated address check (US and Canada)
- Class 3
- Class 1 plus personal presence and ID documents plus Class 2 automated ID check for individuals (credit check); business records for organizations

Certificate Classes

- Primary commercial issuers
- Verisign
- CyberTrust
- Issuance through the Web
- Free 6 month Class 1 offerred
- Postal Service entering market

Applications

Applications

S/MIME, PGP

SSL, SSH, Kerberos

Higher-level

net protocols

Higher-level

net protocols

IPSEC

TCP/IP

TCP/IP

Hardware link encryption

Data Link

Data Link

Physical

Physical

Internet

Security Protocol LayersThe further down you go, the more transparent it is.

The further up you go, the easier it is to deploy

Key Management

- Hardest part of cryptography
- Two classes of keys
- Short term session keys (called ephermal keys)
- generated automatically and invisibly
- used for one message or session and discarded
- Long term keys
- generated explicitly by the user

Key Management

- Long term keys are used for two purposes
- authentication
- access control
- integrity
- non-repudiation
- confidentiality
- establish session keys
- protect stored data

Key Management Problems

- Key certification
- Distributing keys
- obtaining someone else’s public key
- distributing your own public key
- Establishing a shared key with another party
- confidentiality: is it really known by the other party?
- Authentication: is it really shared with the other party?

Key Management Problems

- Key storage
- secure storage of keys
- Revocation
- revoking published keys
- determining whether a published key is still valid

Key Lifetimes and Key Compromise

- Authentication keys
- public keys may have an extremely long lifetime (decades)
- private keys/conventional keys have shorter lifetimes (year or two)
- Confidentiality
- should have as short a lifetime as possible
- If the key is compromised
- revoke the key

Key Lifetimes and Key Compromise

- Effects of compromise
- authentication; signed documents are rendered invalid unless timestamped
- confidentiality; all data encrypted with it is compromised

Download Presentation

Connecting to Server..