slides7

slides7 - CS 531, Fall 2007 Data Origin Authentication Data...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
T 1 Data Origin Authentication CS 531, Fall 2007 Copyright © William C. Cheng no guarantee of timeliness active adversary can change the e-mail message Data origin authentication or message authentication techniques provide to one party which receives a message assurance (through corroborative evidence) of the identity of the party which originated the message useful where one of the parties is not active in the communication e.g., Alice sends an e-mail to Bob data origin authentication implicitly provides data integrity
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
T 2 Public-key Cryptography CS 531, Fall 2007 Copyright © William C. Cheng knowing E e it is computationally infeasible, given a random ciphertext c C , to find m M such that E e (m)=c implies that given e , it is infeasible to determine the corresponding decryption key d Consider {E e : e K} and {D d : d K} E e is viewed as a trapdoor one-way function , with d being the trapdoor information (to compute the inverse function)
Background image of page 2
T 3 Encryption Using Public-key CS 531, Fall 2007 Copyright © William C. Cheng e and c may be sent over the same unsecured channel e can be public and anyone can send to Bob d Passive Adversary encryption E e (m)=c decryption D d (c)=m plaintext source destination m m Alice Bob unsecured channel c key source unsecure channel e
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
T 4 Encryption Using Public-key (Cont. ..) CS 531, Fall 2007 Copyright © William C. Cheng e can be public and anyone can send to Bob if A 1 destroys m 1 , even A 1 cannot recover m 1 from c 1 E e (m 1 )=c 1 A 1 E e (m 2 )=c 2 A 2 E e (m 3 )=c 3 A 3 D d (c 1 )=m 1 D d (c 2 )=m 2 D d (c 3 )=m 3 e c 1 e c 2 e c 3 Bob Physical analog of public-key encryption: Bob has a box with a combination lock and only Bob knows the combination
Background image of page 4
the encryption method is said to be a publick-key encryption scheme if for (e,d) Consider {E e : e K} and {D d : d K} T 5 Publick-key Encryption Scheme CS 531, Fall 2007 Copyright © William C. Cheng e (the public-key ) is made public d (the private-key ) is kept secret it must be computationally infeasible to compute d from e Private key vs. secret key use the term secret key in association with symmetric-key cryptosystem (takes two or more partieis to share a secret) use the term private key in association with public-key cryptosystem (a key is truely private only when one party alone knows it)
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
T 6 Necessity of Authentication CS 531, Fall 2007 Copyright © William C. Cheng
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/05/2008 for the course CSCI 531 taught by Professor Cheng during the Spring '08 term at USC.

Page1 / 19

slides7 - CS 531, Fall 2007 Data Origin Authentication Data...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online