cse443-lecture-7-appliedcryptography

cse443-lecture-7-appliedcryptography - Lecture 7 - Applied...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Lecture 7 - Applied Cryptography CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page Applied Cryptography • Applied Cryptographic is the art and science of using cryptographic primitives to achieve speciFc goals. – The use of the the tools is called a construction – e.g., encryption (achieves conFdentiality) • Much of network and systems security is based on the integration of constructions with the system. 2 E ( k , d )= c
Background image of page 2
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page Some notation … • You will generally see protocols defned in terms oF exchanges containing some notation like – All players are identifed by their frst initial • E.g., Alice= A , Bob= B d is some data pw A is the password For A k AB is a symmetric key known to A and B A + , A - is a public/private key pair For entity A E(k,d) is encryption oF data d with key k h(d) is the hash oF data d S(A - ,d) is the signature (using A ʼ s private key) oF data d – “ + ” is used to reFer to concatenation 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page Providing Authenticity/Integrity • Most of what we have talked about so far deals with achieving confdentiality using encryption. • However, and often equally or more important property is authenticity authenticity is the property that we can associate a data with a speciFc entity from whence it came/belongs to – Integrity is the property that the data has not been modiFed – Note that integrity is a necessary but not sufFcient condition for authenticity (why?) Q : How do we use cryptography for these goals? 4 ?
Background image of page 4
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page • HMAC – Authenticates/integrity for data d in symmetric key system – Uses some key k and hash algorithm h – To simplify, • Why does this provide authenticity? – Cannot produce hmac(k,d) unless you know k and d – If you could, then can break h – Exercise for class: prove the previous statement • Used in protocols to authenticate content 5 Hashed Message Authentication Codes hmac ( k , d )= h ( k · d )
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 18

cse443-lecture-7-appliedcryptography - Lecture 7 - Applied...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online