1 / 32

Training

Widely published & used - federal standard. Complex series of bit substitutions, ... side & server side. Server certificates vouchsafe name of server but ...

medwin
Download Presentation

Training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    Slide 1:Cryptography and the Web Lincoln Stein Whitehead Institute/MIT Center for Genome Research

    Slide 2:Cryptography The art of secret message writing. Creating texts that can only be read by authorized individuals only.

    Slide 3:Simple Cryptography

    Slide 4:Caesar Cipher

    Slide 5:Rotating Key Cipher

    Slide 6:General Principles Longer keys make better ciphers Random keys make better ciphers Good ciphers produce “random” ciphertext Best keys are used once and thrown away

    Slide 7:Symmetric (Private Key) Cryptography Examples: DES, RC4, RC5, IDEA, Skipjack Advantages: fast, ciphertext secure Disadvantages: must distribute key in advance, key must not be divulged

    Slide 8:DES: Data Encryption Standard Widely published & used - federal standard Complex series of bit substitutions, permutations and recombinations Basic DES: 56-bit keys Crackable in about a day using specialized hardware Triple DES: effective 112-bit key Uncrackable by known techniques

    Slide 9:Asymmetric (Public Key) Cryptography

    Slide 10:RSA Algorithm patented by RSA Data Security Uses special properties of modular arithmetic C = Pe (mod n) P = Cd (mod n) e, d, and n all hundreds of digits long and derived from a pair of large prime numbers Keys lengths from 512 to 1024 bits

    Slide 11:Public Key Encryption: The Frills

    Slide 12:Digital Envelopes

    Slide 13:Digital Signatures

    Slide 14:Message Digests

    Slide 15:Certifying Authorities

    Slide 16:Hierarchy of Trust

    Slide 17:Secure, Verifiable Transmission

    Slide 18:Public Key Cryptography on the Web Secure Socket Layer (SSL) Netscape Communications Corporation Secure HTTP (SHTTP) Commerce Net

    Slide 19:SSL and SHTTP, similarities RSA public key cryptography MD5 message digests Variety of private key systems Strong cryptography for use in U.S. Weakened cryptography for export.

    Slide 20:SSL and SHTTP, differences

    Slide 21:Secure Servers Netscape Commerce Server Microsoft Internet Information Server WebSite Professional Quarterdeck/WebSTAR Professional OpenMarket Secure Server Apache SSL Many others!

    Slide 22:Secure Servers: Costs Server software Requires license from RSA Data Security Often free for noncommercial use $200-$1000 for commercial use Export forbidden Server certificate $290 for initial certificate $95 each additional servers $75 annual renewal fee

    Slide 23:Secure Servers: Set-up Install & configure server software Create “distinguished name” for your site Fill out server certificate application at Verisign’s Web site Pay the piper Generate key pair and “certificate request” Mail certificate request to Verisign Install signed certificate on your server

    Slide 24:Using SSL

    Slide 25:Signed Certificate

    Slide 26:Applying for a Server Certificate

    Slide 27:Filling out Certificate Request

    Slide 28:The Signed Certificate

    Slide 29:Encryption and U.S. Legal System RSA algorithm patented in U.S. but not recognized by international patent law Must pay licensing fee within U.S. Free outside U.S. Strong encryption keys classified as “munitions” under U.S. export laws A crime to export software with strong encryption FTPable browsers & servers restricted to crippled 40-bit secret keys Main effect has been to hamper distribution of strong software

    Slide 30:SSL Failures Two well-publicized incidents in 1995 40-bit secret key used in export versions vulnerable to brute force attack Single encrypted message vulnerable to cracking in a few weeks on a network of workstations Specialized hardware (probably) can crack in a matter of hours Implementation problem Navigator 2.0 used predictable random number generator to generate secret keys Messages crackable in a few minutes on conventional workstation

    Slide 31:Web Encryption Isn’t Panacea Protect data at browser side & server side Server certificates vouchsafe name of server but not honesty of merchant! Protect integrity of browser & server software

    Slide 32:URLs SSL Protocol http://home.netscape.com/newsref/std/SSL.html SHTTP Protocol http://www.eit.com/projects/s-http/ Verisign http://www.verisign.com/ RSA Data Security http://www.rsa.com/

More Related