CMSC 414 Computer (and Network) Security Lecture 15. Jonathan Katz. Review of cryptography…. Private-key (key shared in advance) Private-key encryption Message authentication codes (MACs) Public-key (PK distributed/SK secret) Public-key encryption Signature schemes.
CMSC 414 Computer (and Network) Security Lecture 15 Jonathan Katz
Review of cryptography… • Private-key (key shared in advance) • Private-key encryption • Message authentication codes (MACs) • Public-key (PK distributed/SK secret) • Public-key encryption • Signature schemes
Review of cryptography… • Encryption does not provide integrity • Signatures/MACs do not provide secrecy • Signing is not the same as (public key) encryption/decryption • A “checksum” is not the same as a MAC • Deterministic encryption is not secure • CBC-MAC is not the same as CBC encryption
Midterm stats • Average: 65 • (Roughly:) • 80-100: A • 60-80: B • 45-60: C • <45: D/F
Administrative items • HW3 • Project coming soon…
Representing Identity (Chapter 14)
Identity • An identity specifies a principal (a unique entity) • Authentication binds a principal to a (representation of an) identity • Identities are used for, e.g., accountability and access control (among others)
Example: files and objects • Note: the name of an object may depend on the context • E.g., a filename for human use, a file descriptor for process use, and a file allocation entry used by the kernel • E.g., user with different accounts
Example: groups • An “entity” may be a set of entities, i.e., a group • Two implementations of groups • Group is an alias for a set of principals; principals stay in their groups • Principals can change groups; rights depend upon current group membership
Roles • A role is a group that ties membership to function • When a principal assumes a role, the principal is given the rights belonging to that role
Naming and certificates • Identifiers correspond to principals • Must uniquely identify the principal • (Real) names alone are not enough!
E.g., X.509 certificates • Distinguished names identify a principal • Series of fields, each with key and value • E.g. /O=University of Maryland/OU=College Park/OU=Computer Science/CN=J. Katz • “O” - organization; “OU” - organizational unit; “CN” - common name
Certificates • Certification authorities vouch for the identity of the principal to whom a certificate is issued • CA authentication policy determines the level of authentication needed to identify the principal before the certificate is issued • CA issuance policy describes the principals to whom the CA will issue certificates • A single CA can “act” as multiple CAs, each with their own policies…
Example: Verisign (1996) • Three levels of authentication • Verification of valid email address • Verification of name/address • Background check • Different authentication policies; same issuance policy (individuals) • Another issuance policy was for issuing certificates to web servers
Certificate infrastructure • Hierarchical structure of CAs • Nodes correspond to CAs • Children of a CA are constrained by the policies of their parents • Example… • We will revisit cert. infrastructures later…
Example • Internet Policy Registration Authority (IPRA) issues certificates for policy certification authorities (PCAs) • PCAs certify other CAs • Note that their policies cannot conflict with those of the IPRA
Conflicts • What if a single CA issues certificates under different policies? • What if a CA issues a certificate tied to an email address, but the owner of this address changes? • What if two CAs have the same dist. name? • What if two different CAs issue certificates for the same distinguished name (to different principals)?
Easy solution • For organizational certificates, the last type of conflict can be prevented by incorporating CA name into distinguished name • Does not solve the other problems, in general…
Handling conflicts • Conflict detection database… • Before a PCA may issue a certificate to a CA, it checks for a conflict in the database • Sends a hash of the CA’s dist. name, the CA’s public key, and the dist. name of the PCA • If first two fields conflict with a database entry, the two PCAs must resolve the conflict • Note that this only ensures uniqueness of (DN, PK) pairs
Handling conflicts (in action) • Two CAs with same dist. name? • Will have different public keys… • Same CA with two different policies? • Will use different public keys for each
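Added example (not part of the lecture slides): a minimal Python sketch of the conflict detection database described above, using the slash-form distinguished names from the X.509 slide. The choice of SHA-256, the DN canonicalization, the idempotent handling of a repeat query from the same PCA, and all PCA/CA names and key bytes are assumptions constructed for illustration.

```python
import hashlib

def parse_dn(dn):
    """Parse '/O=Org/OU=Unit/CN=Name' into ordered (key, value) fields."""
    fields = []
    for part in dn.strip().split("/"):
        if not part:
            continue
        key, sep, value = part.partition("=")
        if not sep or not key.strip() or not value.strip():
            raise ValueError(f"malformed DN field: {part!r}")
        # Assumed canonical form: upper-case key, collapsed whitespace in value.
        fields.append((key.strip().upper(), " ".join(value.split())))
    if not fields:
        raise ValueError("empty DN")
    return fields

def dn_hash(dn):
    """Hash the canonical DN (SHA-256 is an assumption; the slides name no hash)."""
    h = hashlib.sha256()
    for key, value in parse_dn(dn):
        for item in (key, value):
            data = item.encode("utf-8")
            # Length prefix keeps different field splits from hashing alike.
            h.update(len(data).to_bytes(4, "big") + data)
    return h.hexdigest()

class ConflictDB:
    """Stores (hash of CA DN, CA public key) -> DN of the PCA that registered it."""
    def __init__(self):
        self._entries = {}

    def query(self, ca_dn, ca_public_key, pca_dn):
        """Return None and record the entry if unique, else the conflicting entry."""
        key = (dn_hash(ca_dn), ca_public_key)
        holder = self._entries.get(key)
        # Assumption: a repeat query from the same PCA is not a conflict.
        if holder is not None and dn_hash(holder) != dn_hash(pca_dn):
            return {"dn_hash": key[0], "public_key": ca_public_key, "pca_dn": holder}
        self._entries[key] = pca_dn
        return None

# Constructed sample names and keys.
PCA_A, PCA_B = "/O=Example PCA A/CN=Policy CA", "/O=Example PCA B/CN=Policy CA"
CA_DN = "/O=Example University/OU=Computer Science/CN=Dept CA"

def demo():
    db = ConflictDB()
    return [db.query(CA_DN, b"KEY-1", PCA_A),   # first registration
            db.query(CA_DN, b"KEY-2", PCA_B),   # same DN, different key: accepted
            db.query("/o=Example University/ou=Computer Science/cn=Dept  CA", b"KEY-1", PCA_B)]
```

The first two queries return None, matching the "in action" slide: the same DN with different public keys is not a conflict. The third repeats an existing (DN, PK) pair from a different PCA and gets the earlier entry back for the two PCAs to resolve.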
What does identity mean? • Ultimately, identity is proved using physical means • Driver’s license, fingerprints, etc. • If these are compromised, then certificates are irrelevant! • Certificate is just a binding between external identity and (DN, PK)
Anonymity vs. pseudonymity • Anonymity • No one can identify the source of any messages • Can be achieved via the use of “persona” certificates (with “meaningless” DNs) • Pseudonymity • No one can identify the source of a set of messages… • …but they can tell that they all came from the same person
Levels of anonymity • There is a scale of anonymity • Ranges from no anonymity (complete identification), to partial anonymity (e.g., crowds), to complete anonymity • Pseudonymity is an orthogonal issue…