310 likes | 421 Views
ROLE OF CRYPTOGRAPHY IN ENABLING TRUST IN 5 th Indo-Australian Security Conference AT School of Information Technology, JNU, New Delhi BY Dr. Shri Kant Coordinator JCB Ministry of Defense Metcalfe House, New Delhi-54. OUTLIN E: Trust VS. Security Trust gaining Mechanism
E N D
ROLE OF CRYPTOGRAPHY IN ENABLING TRUST IN 5th Indo-Australian Security Conference AT School of Information Technology, JNU, New Delhi BY Dr. Shri Kant Coordinator JCB Ministry of Defense Metcalfe House, New Delhi-54
OUTLIN E: Trust VS. Security Trust gaining Mechanism Component of Security Key Generation and Distribution Related Issues Possible Solution
TRUST VS SECURITY TUST: Trust is not getting growth in digital word because • Non availability of Generic and user friendly Infrastructure • Difficulty in ensuring Security and fairness in the infrastructure • Methodologies for analyzing and Modelling the security semantics SECURITY: Elements of cryptography can play the role in providing trust in the digital world
Main Areas of Concern Main activities categorised as: -- Business-to Business(B2B) • Business-to-Government (B2G) • Business to Consumer (B2C) • Consumer-to-Consumer (C2C) Also, Government to Business(G2B) – as result of E-Government activities
TRUST MODELS Forms of Trust: 1. Intrapersonal Trust: In one’s own ability 2. Interpersonal Trust: Based on cognitive and affective evaluation of the partner 3. System Trust: Trust in depersonalized systems 4. Object Trust : Trust in non social object For Digital World: The player gain trust Party Trust + Control Trust = Transaction Trust Physical Access Network Access
MODEL TRUST FOR TWO PARTIES • Shapiro et al. In 1992 gave the model for creating trust between two parties • Deterrence-based trust: relates the transacting parties to the possibility of punishment if the chain of trust is brake • 2. Knowledge-based trust: is the • mutually knowledge of the trading • partners • 3. Identification-based trust: is based • on common values with the other • transacting partner’s
E_business transactions and security • Ways to classify electronic payment : • Online or Offline • Pre–paid, Pay–Now, or Pay–Later • Anonymous or Non–anonymous • Cryptography based or crypto less • all e-payment frameworks the following phases should be followed • Trust services– the provision of services capable to establish trust • Security services – perceive the security requirements • Payment transaction: • Information phase – during the information phase the parties identified • Negotiation phase- specify their relationships, contract and obligations agreements • Payment phase – assessment of how the payment settlement will be carried out
Relying Party PKI SIMPLIFIED • PKI functions can be divided into sets: • The roles which can be identified are several • Certification Authority: Providing trusted procedures for issuing and revoking certificates • PKI Directory / Certificate Repository / Certificate Resource Library: • • End Entities (servers): consuming e-business services and End Users • So, PKI as a trusted network is a set of: • Security services. • Digital certificates, that provides electronic identification of parties participating on the Internet. • Rules and processes that determine how the PKI is operated and who can participate in it.
Information and Communication Technologies( ICT) Policies • A mechanism to implement the global vision: Global Trust Center: at national level • A guiding framework for ICT program • A coordination mechanism between various stakeholders and funding agencies Regional Nodes & Trust Centers • Formidable Key Generation Center to cater all the requirements • An evaluation tool for decision makers
Information and Communication Technologies( ICT) Policies Local Policies and Plans: E-Commercelegal and regulatory frameworks ( digital signatures, electronic contracts, certification authority, and cryptography and the following should be addressed within this framework: Encryption and decryptionLack of security over the Internet is a real threat to the development of e-commerce. Encryption and decryption techniques provide authentication, authorization, confidentiality, integrity to services. Digital signaturesdigital signatures and electronic contracts are relevant in case of dispute between trading partners in an e-commerce transaction.
ICT: Policies Policies and Plans: E-Commerce: • Certification authoritiessecure electronic transactions, certification authorities to act as trusted third parties to verify information about parties. • African certification authorities must take part in the framework for supporting international interoperability of certification mechanisms and the mutual recognition of certification authorities. • Consumer protectionIn an electronic market place not easy for consumers to identify and localize suppliers. • For consumer confidence in electronic commerce, need to promote protection mechanisms
ICT: Policies AISI Policies, Strategies:Role of ECA NICI Policies and Plans: E-Commerce: • Electronic paymentsOnline payment using credit cards a missing component of the African E-business environment • security major challenge to the development of E-payments • Involving Central Banks in e-Commerce policy development
ICT: Policies NICI Policies and Plans: E-Commerce: • The usefulness of the courts For international electronic commerce,the usefulness of courts for resolving problem transactions may be limited. • Intellectual property rights.crucial in providing security and trust with respect to investment and trade in ideas and cultural activities and for commercial returns. • Music and cultural products is a key sector where Africa can capture some e-commerce niches. It is essential to protect African producers in order to unleash this type of activity.
Way Forward/Recommendations • Networkof Entrepreneurs for ICTs • Establish necessary training programmeto advance this proposal, including developing training materials (ITCA); • Provide advocacy skillsto women in countries where there are national ICT policies to pursue gender-sensitive policies for the advancement of women • Create an on-line discussion groupto stimulating the Network;
Pseudo-random Sequences • Period should be very high and do not repeat for a large length • Cryptographically secure pseudo-random sequence must be unpredictable • An adversary cannot predict that bits with more than chance probability • Model Developed • Classificatory and Next bit prediction of pseudo random sequences using C4.5 as inductive algorithm
Class Bits Classificatory Prediction Bit stream taken for study is m Bits, b1,b2,b3,b4……….bmWhere m << Period Now we make patterns of block length “i” from these bits b1,b2,b3,b4………. , bi ,bi+1 ,bi+2 ,….,bm-i ,…………….….. bm-1 ,bm . P1 Pm-i P2 Pattern P1: b1,b2,b3,b4………. , b i ,b i+1 PatternP2: b2,b3,b4 ,b5 ……… ,b i+1 ,b i+2 ……………………… ……………………. PatternPm-i: b m-i,bm-i-1………. ,bm-1 ,b m
Data-Mining Classification tool C4.5 • Creates tree using information theory concepts • Split attribute with the highest information gain ratio: Gain Ratio(x) = Gain(x) / split info(x) Gain (T,V) = Entropy (T) − Entropy (V | T) Entropy (T)Entropy of System containing undivided Set Entropy (V | T) Entropy of system containing subsets divided by predicate value of V attribute Potential information generated by dividing T on the basis of the value of a attribute X into sets T1, T2, .., Tn is equal to Example
Result after applying Pattern Duplication Technique Previous Results New Results
Pattern Duplication Technique for the case of LFSR The “Pattern Duplication” technique is under rigorous testing phase, which will give solution of LFSR with minimum number of output bits(close to 2n I.e limit to BM algorithm). After applying these two properties on existednpatterns we get n*(n-1) patterns.
Complete Solution of LFSR LFSR x10 x3 1 frame length i =10 it means 11th bit will be class bit. Rules Generated If bit at position 1 is 0 and bit at position 8 is 1 then class label is 1 If bit at position 1 is 1 and bit at position 8 is 0 then class label is 1 If bit at position 1 is 1 and bit at position 8 is 1 then class label is 0 If bit at position 1 is 0 and bit at position 8 is 0 then class label is 0 GNBP program identifies bit 1 and 4 as significant attributes or bits. Here, we can observe that bit1 bit8 = class label x x8 = x11 1 x7 = x10 1 x7 x10 = 1 1 x10-7 x10 = 1 1 x3 x10 = 1 Which is Required polynomial Property of primitive polynomial
Quantum Computation Quantum Factoring Find the factors of: 57 Find the factors of: 1623847601650176238761076269172261217123987210397462187618712073623846129873982634897121861102379691863198276319276121 3 x 19 whimper All known algorithms for factoring an n-bit number on a classical computer take time proportional to O(n!). But Shor’s algorithm for factoring on a quantum computer takes time proportional to O(n2 log n).
Significance of Quantum Factorization: with a classical computer # bits 1024 2048 4096 factoring in 2006 105 years 5x1015 years 3x1029 years factoring in 2024 38 years 1012 years 7x1025 years factoring in 2042 3 days 3x108 years2x1022 years with potential quantum computer (e.g., clock speed 100 MHz) # bits 1024 2048 4096 factoring time 4.5 min 36 min 4.8 hours R. J. Hughes, LA-UR-97-4986
ISSUE IN KEY DISTRIBUTION Symmetric Key: • Through physical Courier (Ruled out) • Over the air (Known to all) • On line communication (Known to all) but can • be given on line remedy. Asymmetric Key: • Doable but costly infrastructure.
FEATURES ENABLING TRUST • Identification and authentication • Message confidentiality • Message integrity • Non-repudiation • Transparent transaction process • Traceability and accountability
ONLINE KEY GENERATION FOR EACH TRANSACTION Seed from user LFSR or Their variants MIXING MECHANISM Time and date BBS Generator RAND() Free disk information System Info Mouse Co-ordinates Sector Information of Disk Computer Clock