lec11_crypto5.key.pdf - Nicholas Weaver Computer Science 161 Fall 2019 Key(mis)Management Applied 
 Crypto
 and Crapto 1 How Can We Communicate With

lec11_crypto5.key.pdf - Nicholas Weaver Computer Science...

This preview shows page 1 - 15 out of 58 pages.

Computer Science 161 Fall 2019 Nicholas Weaver Key (mis)Management Applied Crypto and Crapto 1
Image of page 1

Subscribe to view the full document.

Computer Science 161 Fall 2019 Nicholas Weaver How Can We Communicate With Someone New? Public-key crypto gives us amazing capabilities to achieve confidentiality, integrity & authentication without shared secrets … But how do we solve MITM attacks? How can we trust we have the true public key for someone we want to communicate with? Ideas? 2
Image of page 2
Computer Science 161 Fall 2019 Nicholas Weaver Trusted Authorities Suppose there’s a party that everyone agrees to trust to confirm each individual’s public key Say the Governor of California Issues with this approach? How can everyone agree to trust them? Scaling: huge amount of work; single point of failure … ... and thus Denial-of-Service concerns How do you know you’re talking to the right authority?? 3
Image of page 3

Subscribe to view the full document.

Computer Science 161 Fall 2019 Nicholas Weaver Trust Anchors Suppose the trusted party distributes their key so everyone has it … 4
Image of page 4
Computer Science 161 Fall 2019 Nicholas Weaver 5
Image of page 5

Subscribe to view the full document.

Computer Science 161 Fall 2019 Nicholas Weaver 6
Image of page 6
Computer Science 161 Fall 2019 Nicholas Weaver 7 Gavin Newsom's Public Key is 0x6a128b3d3dc67edc74d690b19e072f64.
Image of page 7

Subscribe to view the full document.

Computer Science 161 Fall 2019 Nicholas Weaver Trust Anchors Suppose the trusted party distributes their key so everyone has it … We can then use this to bootstrap trust As long as we have confidence in the decisions that that party makes 8
Image of page 8
Computer Science 161 Fall 2019 Nicholas Weaver Digital Certificates Certificate (“cert”) = signed claim about someone’s public key More broadly: a signed attestation about some claim Notation: { M } K = “message M encrypted with public key k” { M } K -1 = “message M signed w/ private key for K” E.g. M = “Nick's public key is K Nick = 0xF32A99B ...” Cert: M, { “Nick's public key … 0xF32A99B ...” } K -1 Gavin = 0x923AB95E12...9772F 9
Image of page 9

Subscribe to view the full document.

Computer Science 161 Fall 2019 Nicholas Weaver 10 Gavin Newsom hearby asserts: Nick s public key is K Grant = 0xF32A99B ... The signature for this statement using K -1 Gavin is 0x923AB95E12...9772F
Image of page 10
Computer Science 161 Fall 2019 Nicholas Weaver Gavin Newsom hearby asserts: Nick s public key is K Grant = 0xF32A99B ... The signature for this statement using K -1 is 0x923AB95E12...9772F 11 This
Image of page 11

Subscribe to view the full document.

Computer Science 161 Fall 2019 Nicholas Weaver Gavin Newsom hearby asserts: Nick s public key is K Grant = 0xF32A99B ... The signature for this statement using K -1 Gavin is 0x923AB95E12...9772F 12 is computed over all of this
Image of page 12
Computer Science 161 Fall 2019 Nicholas Weaver Gavin Newsom hearby asserts: Nick s public key is K Grant = 0xF32A99B ... The signature for this statement using K -1 Gavin is 0x923AB95E12...9772F 13 and can be validated using:
Image of page 13

Subscribe to view the full document.

Computer Science 161 Fall 2019 Nicholas Weaver Gavin Newsom hearby asserts: Nick s public key is K Grant = 0xF32A99B ...
Image of page 14
Image of page 15
  • Fall '08
  • Staff

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes