
Public key infrastructure pki integration of digital

Public Key Infrastructure (PKI)
Integration of digital signatures and certificates.
- Digital Certificates
- Certificate Authorities (CA)
- Registration Authorities
- Policies and procedures
- Certificate Revocation
- Non-repudiation support
- Timestamping
- Lightweight Directory Access Protocol
- Security Enabled Applications
- Cross Certification

Approaches to Escrowed Encryption
- Allowing law enforcement to obtain the keys to view people's encrypted data
- Escrow the key in two pieces with two trusted escrow agents
- Court order to get both pieces
- Clipper Chip – implemented in tamper proof hardware

Key Escrow using Public Key Cryptography
- Fair Cryptosystems – Silvio Micali, MIT
- Private key is split and distributed
- Can verify each portion of the key without joining

Key Management
- Key control
- Key recovery
- Key storage
- Key retirement/destruction
- Key Change
- Key Generation
- Key theft
- Frequency of key use

E-mail Security
- Non-repudiation
- Confidentiality of messages
- Authentication of Source
- Verification of delivery
- Labeling of sensitive material
- Control Access

Secure Multipurpose Internet Mail Extensions (S/MIME)
- Adds secure services to messages in MIME format
- Provides authentication through digital signatures
- Follows Public Key Cryptography Standards (PKCS)
- Uses X.509 Signatures

MIME Object Security Services (MOSS)
- Provides flexibility by supporting different trust models
- Uses MD5, RSA Public Key and DES
- Permits identification outside of the X.509 Standard

Privacy Enhanced Mail (PEM)
- Compliant with Public Key Cryptography Standards (PKCS)
- Developed by consortium of Microsoft, Sun, and Novell
- Triple DES-EDE – Symmetric Encryption
- MD2 and MD5 Message Digest
- RSA Public Key – signatures and key distribution
- X.509 Certificates and formal CA

Pretty Good Privacy (PGP)
- Phil Zimmermann
- Symmetric Cipher using IDEA
- RSA is used for signatures and key distribution
- No CA, uses "web of trust"
- Users can certify each other

Message Authentication Code
- Check value derived from message contents

SET – Secure Electronic Transaction
- Visa and Mastercard developed in 1997
- Encrypts the payment information
- DES – Symmetric Encryption
- RSA Public Key – signatures and key distribution

Secure Sockets Layer (SSL) - HTTPS
- Developed by Netscape in 1994
- Uses public key to authenticate server to the client
- Also provides optional client-to-server authentication
- Supports RSA public key algorithms, IDEA, DES, and 3DES
- Supports MD5 Hashing
- HTTPS header
- Resides between the application and TCP layer
- Can be used by telnet, FTP, HTTP and e-mail protocols
- Based on X.509

Transaction Layer Security
- Successor to SSL

Internet Open Trading Protocol (IOTP)
- Aimed at consumer-to-business transactions
- Flexible and future focused

MONDEX
- Smart cash card application
- Proprietary encryption algorithm
- Card is same as cash

IPSec
- Provides encryption, access control, and non-repudiation over IP.