SlideShare une entreprise Scribd logo

Protocols and Practices in Using Encryption Chapter 4

Télécharger en tant que PPT, PDF
AfiqEfendy Zaen
AfiqEfendy Zaen
Technologie
1  sur  31
11 CHAPTER 4CHAPTER 4 PROTOCOLS & PRACTICESPROTOCOLS & PRACTICES IN USING ENCRYPTIONIN USING ENCRYPTION
2 IntroductionIntroduction What is a protocol?What is a protocol? Protocol is an orderly sequence of steps two orProtocol is an orderly sequence of steps two or more parties take to accomplish some task.more parties take to accomplish some task. Everyone using a protocol must agree to theEveryone using a protocol must agree to the protocol before using it.protocol before using it. People use protocols to regulate behavior forPeople use protocols to regulate behavior for mutual benefit.mutual benefit.
3 IntroductionIntroduction Good protocol has the following characteristics:Good protocol has the following characteristics: (1)(1) Established in advanceEstablished in advance: the protocol is: the protocol is completely designed before it is used.completely designed before it is used. (2)(2) Mutually subscribedMutually subscribed: All parties to the protocol: All parties to the protocol agree to follow its steps, in order.agree to follow its steps, in order. (3)(3) UnambiguousUnambiguous: No party can fail to follow a: No party can fail to follow a step properly because the party hasstep properly because the party has misunderstood the step.misunderstood the step. (4)(4) CompleteComplete: For every situation that can occur: For every situation that can occur there is a prescribe action to be taken.there is a prescribe action to be taken.
4 Types of ProtocolsTypes of Protocols There are three types of protocols:There are three types of protocols: Arbitrated protocolsArbitrated protocols Adjudicated protocolsAdjudicated protocols Self-enforcing protocolsSelf-enforcing protocols
5 Types of ProtocolsTypes of Protocols Arbitrated ProtocolsArbitrated Protocols Arbitrator is a disinterested 3Arbitrator is a disinterested 3rdrd party trusted toparty trusted to complete a transaction between two distrustingcomplete a transaction between two distrusting parties.parties. Example: Buying and selling cars – banker orExample: Buying and selling cars – banker or lawyer is the arbitrator.lawyer is the arbitrator. In computer protocol, an arbitrator is aIn computer protocol, an arbitrator is a trustworthy 3trustworthy 3rdrd party who ensures fairness. Itparty who ensures fairness. It might be a person, a program or a machine.might be a person, a program or a machine.
6 Arbitrated ProtocolsArbitrated Protocols
7 Types of ProtocolsTypes of Protocols Arbitrated computer protocols have severalArbitrated computer protocols have several disadvantages:disadvantages: The two sides may not be able to find a neutral 3The two sides may not be able to find a neutral 3rdrd party that both sides trust. Suspicious users areparty that both sides trust. Suspicious users are rightfully suspicious of an unknown arbiter in arightfully suspicious of an unknown arbiter in a network.network. Maintaining the availability of an arbiter represents aMaintaining the availability of an arbiter represents a cost to the users or the network, that cost may becost to the users or the network, that cost may be high.high. For these reasons, an arbitrated protocol is avoided if possible!
8 Types of ProtocolsTypes of Protocols Arbitrated computer protocols have severalArbitrated computer protocols have several disadvantages:disadvantages: Arbitration causes a time delay in communicationArbitration causes a time delay in communication because a third party must receive, act on and thenbecause a third party must receive, act on and then forward every transaction.forward every transaction. If the arbitration service is heavily used, it mayIf the arbitration service is heavily used, it may become a bottleneck in the network as many usersbecome a bottleneck in the network as many users try to access a single arbiter.try to access a single arbiter. Secrecy becomes vulnerable, because the arbiterSecrecy becomes vulnerable, because the arbiter has access to much sensitive information.has access to much sensitive information. For these reasons, an arbitrated protocol is avoided if possible!
9 Types of ProtocolsTypes of Protocols Adjudicated ProtocolsAdjudicated Protocols The idea of adjudicator is similar to arbiter.The idea of adjudicator is similar to arbiter. With an adjudicated protocol enough data isWith an adjudicated protocol enough data is available for a disinterested 3available for a disinterested 3rdrd party to judgeparty to judge fairness based on the evidence.fairness based on the evidence. Not only can 3Not only can 3rdrd party determine whether twoparty determine whether two disputing parties acted fairly that is within thedisputing parties acted fairly that is within the rules of the protocol but the 3rules of the protocol but the 3rdrd party can alsoparty can also determine who cheated.determine who cheated.
10 Types of ProtocolsTypes of Protocols Adjudicated ProtocolsAdjudicated Protocols Adjudicated protocols involve the services of aAdjudicated protocols involve the services of a 33rdrd party only in a case of a dispute.party only in a case of a dispute. Therefore, they are usually less costly in termsTherefore, they are usually less costly in terms of machine time or access to a trusted 3of machine time or access to a trusted 3rdrd partyparty software judge than arbitrated protocols.software judge than arbitrated protocols. However, adjudicated protocols detect a failureHowever, adjudicated protocols detect a failure to cooperate only after the failure has occurred.to cooperate only after the failure has occurred.
11 Adjudicated ProtocolAdjudicated Protocol
12 Types of ProtocolTypes of Protocol Self-Enforcing ProtocolsSelf-Enforcing Protocols A self-enforcing protocol is one that guaranteesA self-enforcing protocol is one that guarantees fairness.fairness. If either party tries to cheat, that fact becomesIf either party tries to cheat, that fact becomes evident to the other party.evident to the other party. No outsider is needed to ensure fairness.No outsider is needed to ensure fairness. Obviously, self-enforcing protocols areObviously, self-enforcing protocols are preferable to the other types.preferable to the other types. However, there is not a self-enforcing protocolHowever, there is not a self-enforcing protocol for every situation.for every situation.
13 Self-Enforcing ProtocolSelf-Enforcing Protocol
14 Protocol to Solve ProblemsProtocol to Solve Problems Cryptographic algorithms rely on the propertyCryptographic algorithms rely on the property that it is easy to encrypt and decrypt messagesthat it is easy to encrypt and decrypt messages with the appropriate keys but very hard to findwith the appropriate keys but very hard to find keys.keys. Therefore key management is really, reallyTherefore key management is really, really important!!!important!!!
15 SymmetricSymmetric P --------------------P --------------------RR C = E(M, K)C = E(M, K) M = D(C, K)M = D(C, K)
16 AssymmetricAssymmetric P----------------------------P----------------------------RR C = E(M, RC = E(M, Rpubpub)) M = D(C, RM = D(C, Rprivpriv)) M = D[E(M, RM = D[E(M, Rpubpub) R) Rprivpriv)])]
17 AssymmetricAssymmetric P -------------------------P ------------------------- RR ConfidentialityConfidentiality – D[E(M, RD[E(M, Rpubpub), R), Rprivpriv]] AuthenticationAuthentication – D[E(M, Ppriv), PD[E(M, Ppriv), Ppubpub]]
18 Protocol to Solve ProblemsProtocol to Solve Problems Several protocols developed for key distribution:Several protocols developed for key distribution: Symmetric key exchange with serverSymmetric key exchange with server Symmetric key exchange without serverSymmetric key exchange without server Asymmetric key exchange with serverAsymmetric key exchange with server Asymmetric key exchange without serverAsymmetric key exchange without server
19 Protocol to Solve ProblemsProtocol to Solve Problems Assume that two users already each have a copy of aAssume that two users already each have a copy of a symmetric (secret) encryption key K known only to themsymmetric (secret) encryption key K known only to them – small messages is ok to use K.– small messages is ok to use K. But for greater security, they can agree to change keysBut for greater security, they can agree to change keys on a frequent basis even as often as a different key foron a frequent basis even as often as a different key for each message.each message. To do this, either one can generate a fresh key calledTo do this, either one can generate a fresh key called KKNEWNEW, encrypt it under K and send to the other., encrypt it under K and send to the other. K is called the “master key”K is called the “master key” KKNEWNEW is called the “traffic” or “session” key.is called the “traffic” or “session” key. Symmetric key exchange without serverSymmetric key exchange without server
20 Block replay attack Assume two bank use fixed format on electronic exchange name of depositor account no transfer amount Suppose outsiders (Tipah) able to tap the data channel between these banks. The first day, Tipah has his bank transfer $10 on his behalf from one bank to another. (Tipah has account with both banks). The next day she does the same thing but the amount is $20. Why Knew?
21 Assume that both transmissions were sent under the same encryption key. Tipah would noticed that the first two blocks encrypted were the same. So she know that the first two blocks are her name and her account no. The only different is the third block (the amount of money).
22 By inserting data onto the transmission line, Tipah can now replace any person and account number with his own name and account number, leaving the amount alone. Tipah does not need to know who should be getting the money or how much is being obtained; Tipah simply changes name and account no to his own and watches the balance in his account grow. In ease, the interceptor does not necessarily have to break the encryption.
23 Protocol to Solve ProblemsProtocol to Solve Problems Symmetric key exchange with serverSymmetric key exchange with server i. Please give me a key to communicate with Renee ii. Here’s a key for you and a copy for Renee iii. Renee, the distribution center gave me this key for our private communication. Renee Pablo Distribution Centre
24 Protocol to Solve ProblemsProtocol to Solve Problems Disadvantage of this approach:Disadvantage of this approach: Two users must both share one key that isTwo users must both share one key that is unique to them.unique to them. Other pairs of users need unique keys andOther pairs of users need unique keys and in general n users need n(n-1)/2.in general n users need n(n-1)/2. Eg. 5 users –> 5(5-1)/2 = 10 keys.Eg. 5 users –> 5(5-1)/2 = 10 keys. Symmetric key exchange without serverSymmetric key exchange without server
25 IssuesIssues 1.1. E(M, Rpub) – slow.E(M, Rpub) – slow. 2.2. E(Knew, Rpub) – no authentication.E(Knew, Rpub) – no authentication. Protocols to Solve ProblemsProtocols to Solve Problems Asymmetric key exchange without serverAsymmetric key exchange without server
26 Protocols to Solve ProblemsProtocols to Solve Problems Suppose Pablo and Reene want to exchange aSuppose Pablo and Reene want to exchange a message, each has a public/private key pair and eachmessage, each has a public/private key pair and each has access to the others public key.has access to the others public key. Denote Ppub –> Pablo public key and Ppriv –> PabloDenote Ppub –> Pablo public key and Ppriv –> Pablo private key.private key. Rpub -> Renee public key and Rpriv -> Renee privateRpub -> Renee public key and Rpriv -> Renee private key.key. Pablo can send E(Knew, Rpub) directly to Reene.Pablo can send E(Knew, Rpub) directly to Reene. But how sure that E(Knew, Rpub) is from Pablo? ReeneBut how sure that E(Knew, Rpub) is from Pablo? Reene couldn’t tell that.couldn’t tell that. So to improve better – Pablo sends to Reene E(E(Knew,So to improve better – Pablo sends to Reene E(E(Knew, Ppriv), Rpub)Ppriv), Rpub) Asymmetric key exchange without serverAsymmetric key exchange without server
27 Protocol to Solve ProblemsProtocol to Solve Problems Asymmetric key exchange with serverAsymmetric key exchange with server 1. Please give me Renee’s Public Key 2. Here is Renee Public Key 3. I’m Pablo, Lets talk 4. Please give me Pablo’s Public Key 5. Here is Pablo’s Public Key 6. Renee here what’s up? 7. How are you Distribution Centre Renee Pablo
28 Protocol to Solve ProblemsProtocol to Solve Problems Distribution Center (DC) How do DC deals with keys? – publish its own public key widely – anybody wish to register, deliver the key and personal identity under the DC key Can have more than one center: – as backup, overload, if it doesn’t have the key, request from other DC – performance, size, reliability – must be available any time So, what gives us confidence that the keys registered are authentic?? That is, they belong to the people whose identification are associated.
29 Protocol to Solve ProblemsProtocol to Solve Problems Certificate Develop ways for two people to establish trust without having both parties to be present. Trust coordinated => Certificate Authority Advantages and Disadvantages of Key Distribution Operational Restriction – availability of DC Trust – who must be trusted Protection from failure – anybody impersonate any entities Efficient Protocol – use several time-consuming steps for one-time use (establish an encryption key) Protocol – easy to implement or not (computer implementation vs manual use)
30 Digital SignatureDigital Signature A Digital Signature is a protocol that produces the same effect as a real signature. It has the following characteristics: – Authentic : the recipient believes the signer deliberately signed the document – Unforgeable : the signature proves that the signer and nobody else signed the document – Single purpose : the signature is attached to the document and cannot be moved to a different one – Unalterable : after it has been signed, the document can no longer be changed. – Unrepudiable : after the fact, the signer cannot successfully deny having signed the document.
31 How does Digital Signature Works?How does Digital Signature Works? Refer to extra notes…

Recommandé

Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical Sandeepk316
 
Hyperledger Overview - 20181024
Hyperledger Overview - 20181024Hyperledger Overview - 20181024
Hyperledger Overview - 20181024Arnaud Le Hors
 
8 network devices
8 network devices8 network devices
8 network devicesJaleto Sunkemo
 
Virtual Private Network main
Virtual Private Network mainVirtual Private Network main
Virtual Private Network mainKanika Gupta
 
Secure communication
Secure communicationSecure communication
Secure communicationTushar Swami
 
Blockchain by Aman Thakur.pptx
Blockchain by Aman Thakur.pptxBlockchain by Aman Thakur.pptx
Blockchain by Aman Thakur.pptxThe NorthCap University
 
Blockchain 2.0
Blockchain 2.0Blockchain 2.0
Blockchain 2.0Jérôme Kehrli
 
Difference Between Digital Signature vs Digital Certificate
Difference Between Digital Signature vs Digital CertificateDifference Between Digital Signature vs Digital Certificate
Difference Between Digital Signature vs Digital CertificateAboutSSL
 

Recommandé

Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical Sandeepk316
 
Hyperledger Overview - 20181024
Hyperledger Overview - 20181024Hyperledger Overview - 20181024
Hyperledger Overview - 20181024Arnaud Le Hors
 
8 network devices
8 network devices8 network devices
8 network devicesJaleto Sunkemo
 
Virtual Private Network main
Virtual Private Network mainVirtual Private Network main
Virtual Private Network mainKanika Gupta
 
Secure communication
Secure communicationSecure communication
Secure communicationTushar Swami
 
Blockchain by Aman Thakur.pptx
Blockchain by Aman Thakur.pptxBlockchain by Aman Thakur.pptx
Blockchain by Aman Thakur.pptxThe NorthCap University
 
Blockchain 2.0
Blockchain 2.0Blockchain 2.0
Blockchain 2.0Jérôme Kehrli
 
Difference Between Digital Signature vs Digital Certificate
Difference Between Digital Signature vs Digital CertificateDifference Between Digital Signature vs Digital Certificate
Difference Between Digital Signature vs Digital CertificateAboutSSL
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private NetworkRajendra Dangwal
 
Cryptography & Network Security
Cryptography & Network SecurityCryptography & Network Security
Cryptography & Network SecurityFahad Shaikh
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 
Fileextraction with suricata
Fileextraction with suricataFileextraction with suricata
Fileextraction with suricataMrArora Arjuna
 
Differentiated Services
Differentiated ServicesDifferentiated Services
Differentiated Servicespalashc
 
VPN - Virtual Private Network
VPN - Virtual Private NetworkVPN - Virtual Private Network
VPN - Virtual Private NetworkPeter R. Egli
 
Blockchain 101 by imran bashir
Blockchain 101 by imran bashirBlockchain 101 by imran bashir
Blockchain 101 by imran bashirImran Bashir
 
PPPoE Server & Client Configuration
PPPoE Server & Client ConfigurationPPPoE Server & Client Configuration
PPPoE Server & Client ConfigurationNetProtocol Xpert
 
Topic1 substitution transposition-techniques
Topic1 substitution transposition-techniquesTopic1 substitution transposition-techniques
Topic1 substitution transposition-techniquesMdFazleRabbi18
 
Digital signature
Digital signatureDigital signature
Digital signatureHossain Md Shakhawat
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Blockchain
BlockchainBlockchain
BlockchainAmit Kumar
 
Virtual Private Network VPN
Virtual Private Network VPNVirtual Private Network VPN
Virtual Private Network VPNFarah M. Altufaili
 
Alcatel-Lucent Enterprise Hospitality Solutions
Alcatel-Lucent Enterprise Hospitality SolutionsAlcatel-Lucent Enterprise Hospitality Solutions
Alcatel-Lucent Enterprise Hospitality SolutionsAlcatel-LucentEnterpriseMEA
 
Check Point NGFW
Check Point NGFWCheck Point NGFW
Check Point NGFWGroup of company MUK
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocolssiva rama
 
Introduction to Blockchain and Smart Contracts
Introduction to Blockchain and Smart ContractsIntroduction to Blockchain and Smart Contracts
Introduction to Blockchain and Smart ContractsSaad Zaher
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
Gateway and firewall
Gateway and firewallGateway and firewall
Gateway and firewallvinayh.vaghamshi _
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 
Secure Encyrption Systems Chapter 2
Secure Encyrption Systems Chapter 2Secure Encyrption Systems Chapter 2
Secure Encyrption Systems Chapter 2AfiqEfendy Zaen
 
OS Database Security Chapter 6
OS Database Security Chapter 6OS Database Security Chapter 6
OS Database Security Chapter 6AfiqEfendy Zaen
 

Contenu connexe

Tendances

Cryptography & Network Security
Cryptography & Network SecurityCryptography & Network Security
Cryptography & Network SecurityFahad Shaikh
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 
Fileextraction with suricata
Fileextraction with suricataFileextraction with suricata
Fileextraction with suricataMrArora Arjuna
 
Differentiated Services
Differentiated ServicesDifferentiated Services
Differentiated Servicespalashc
 
VPN - Virtual Private Network
VPN - Virtual Private NetworkVPN - Virtual Private Network
VPN - Virtual Private NetworkPeter R. Egli
 
Blockchain 101 by imran bashir
Blockchain 101 by imran bashirBlockchain 101 by imran bashir
Blockchain 101 by imran bashirImran Bashir
 
PPPoE Server & Client Configuration
PPPoE Server & Client ConfigurationPPPoE Server & Client Configuration
PPPoE Server & Client ConfigurationNetProtocol Xpert
 
Topic1 substitution transposition-techniques
Topic1 substitution transposition-techniquesTopic1 substitution transposition-techniques
Topic1 substitution transposition-techniquesMdFazleRabbi18
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocolssiva rama
 
Introduction to Blockchain and Smart Contracts
Introduction to Blockchain and Smart ContractsIntroduction to Blockchain and Smart Contracts
Introduction to Blockchain and Smart ContractsSaad Zaher
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 

Tendances (20)

Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
Cryptography & Network Security
Cryptography & Network SecurityCryptography & Network Security
Cryptography & Network Security
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signature
 
Fileextraction with suricata
Fileextraction with suricataFileextraction with suricata
Fileextraction with suricata
 
Differentiated Services
Differentiated ServicesDifferentiated Services
Differentiated Services
 
VPN - Virtual Private Network
VPN - Virtual Private NetworkVPN - Virtual Private Network
VPN - Virtual Private Network
 
Blockchain 101 by imran bashir
Blockchain 101 by imran bashirBlockchain 101 by imran bashir
Blockchain 101 by imran bashir
 
PPPoE Server & Client Configuration
PPPoE Server & Client ConfigurationPPPoE Server & Client Configuration
PPPoE Server & Client Configuration
 
Topic1 substitution transposition-techniques
Topic1 substitution transposition-techniquesTopic1 substitution transposition-techniques
Topic1 substitution transposition-techniques
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Blockchain
BlockchainBlockchain
Blockchain
 
Virtual Private Network VPN
Virtual Private Network VPNVirtual Private Network VPN
Virtual Private Network VPN
 
Alcatel-Lucent Enterprise Hospitality Solutions
Alcatel-Lucent Enterprise Hospitality SolutionsAlcatel-Lucent Enterprise Hospitality Solutions
Alcatel-Lucent Enterprise Hospitality Solutions
 
Check Point NGFW
Check Point NGFWCheck Point NGFW
Check Point NGFW
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocols
 
Introduction to Blockchain and Smart Contracts
Introduction to Blockchain and Smart ContractsIntroduction to Blockchain and Smart Contracts
Introduction to Blockchain and Smart Contracts
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Gateway and firewall
Gateway and firewallGateway and firewall
Gateway and firewall
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)
 

En vedette

Secure Encyrption Systems Chapter 2
Secure Encyrption Systems Chapter 2Secure Encyrption Systems Chapter 2
Secure Encyrption Systems Chapter 2AfiqEfendy Zaen
 
OS Database Security Chapter 6
OS Database Security Chapter 6OS Database Security Chapter 6
OS Database Security Chapter 6AfiqEfendy Zaen
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5AfiqEfendy Zaen
 
Basic Security Chapter 1
Basic Security Chapter 1Basic Security Chapter 1
Basic Security Chapter 1AfiqEfendy Zaen
 
Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2AfiqEfendy Zaen
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7AfiqEfendy Zaen
 
1. chapter 1 introduction of Finance
1. chapter 1 introduction of Finance1. chapter 1 introduction of Finance
1. chapter 1 introduction of FinanceAfiqEfendy Zaen
 
10. cash flow in capital budgeting
10. cash flow in capital budgeting10. cash flow in capital budgeting
10. cash flow in capital budgetingAfiqEfendy Zaen
 

En vedette (8)

Secure Encyrption Systems Chapter 2
Secure Encyrption Systems Chapter 2Secure Encyrption Systems Chapter 2
Secure Encyrption Systems Chapter 2
 
OS Database Security Chapter 6
OS Database Security Chapter 6OS Database Security Chapter 6
OS Database Security Chapter 6
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5
 
Basic Security Chapter 1
Basic Security Chapter 1Basic Security Chapter 1
Basic Security Chapter 1
 
Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2Basic Encryption Decryption Chapter 2
Basic Encryption Decryption Chapter 2
 
Network Security Chapter 7
Network Security Chapter 7Network Security Chapter 7
Network Security Chapter 7
 
1. chapter 1 introduction of Finance
1. chapter 1 introduction of Finance1. chapter 1 introduction of Finance
1. chapter 1 introduction of Finance
 
10. cash flow in capital budgeting
10. cash flow in capital budgeting10. cash flow in capital budgeting
10. cash flow in capital budgeting
 

Similaire à Protocols and Practices in Using Encryption Chapter 4

SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONSPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONIJNSA Journal
 
DATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEME
DATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEMEDATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEME
DATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEMEIRJET Journal
 
A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications
A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications
A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications IJNSA Journal
 
security lecture and final powepoint presentation
security lecture and final powepoint presentationsecurity lecture and final powepoint presentation
security lecture and final powepoint presentationsrajece
 
From 7331 to legal : a selection of blockchain discussion topics
From 7331 to legal : a selection of blockchain discussion topicsFrom 7331 to legal : a selection of blockchain discussion topics
From 7331 to legal : a selection of blockchain discussion topicsKoen Vingerhoets
 
20190316 - CLBFest - 1337 to legal - Koen Vingerhoets
20190316 - CLBFest - 1337 to legal - Koen Vingerhoets20190316 - CLBFest - 1337 to legal - Koen Vingerhoets
20190316 - CLBFest - 1337 to legal - Koen VingerhoetsBrussels Legal Hackers
 
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...csandit
 
Blockchain : BreakTheStigma
Blockchain : BreakTheStigmaBlockchain : BreakTheStigma
Blockchain : BreakTheStigmaKnoldus Inc.
 
DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP
DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP
DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP IJNSA Journal
 
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONSAN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONSIJNSA Journal
 
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONSAN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONSIJNSA Journal
 
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLOPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLIJNSA Journal
 
What is The zero knowledge Proofs Protocol System
What is The zero knowledge Proofs Protocol System What is The zero knowledge Proofs Protocol System
What is The zero knowledge Proofs Protocol System Blockchain Council
 
Smart contracts
Smart contractsSmart contracts
Smart contractsCoinGape
 

Similaire à Protocols and Practices in Using Encryption Chapter 4 (20)

A Secure Proxy Signature Scheme with Fault Tolerance Based On Discrete Logari...
A Secure Proxy Signature Scheme with Fault Tolerance Based On Discrete Logari...A Secure Proxy Signature Scheme with Fault Tolerance Based On Discrete Logari...
A Secure Proxy Signature Scheme with Fault Tolerance Based On Discrete Logari...
 
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONSPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
 
DATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEME
DATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEMEDATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEME
DATA COMPARISON: APPLICATION OF PSI AND ZERO-KNOWLEDGE SCHEME
 
New Secure Proxy Signature Scheme with Fault Tolerance Based On Factoring and...
New Secure Proxy Signature Scheme with Fault Tolerance Based On Factoring and...New Secure Proxy Signature Scheme with Fault Tolerance Based On Factoring and...
New Secure Proxy Signature Scheme with Fault Tolerance Based On Factoring and...
 
A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications
A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications
A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications
 
57 306-311
57 306-31157 306-311
57 306-311
 
security lecture and final powepoint presentation
security lecture and final powepoint presentationsecurity lecture and final powepoint presentation
security lecture and final powepoint presentation
 
From 7331 to legal : a selection of blockchain discussion topics
From 7331 to legal : a selection of blockchain discussion topicsFrom 7331 to legal : a selection of blockchain discussion topics
From 7331 to legal : a selection of blockchain discussion topics
 
20190316 - CLBFest - 1337 to legal - Koen Vingerhoets
20190316 - CLBFest - 1337 to legal - Koen Vingerhoets20190316 - CLBFest - 1337 to legal - Koen Vingerhoets
20190316 - CLBFest - 1337 to legal - Koen Vingerhoets
 
H0342043046
H0342043046H0342043046
H0342043046
 
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...
A PROXY SIGNATURE SCHEME BASED ON NEW SECURE AUTHENTICATED KEY AGREEMENT PROT...
 
Blockchain : BreakTheStigma
Blockchain : BreakTheStigmaBlockchain : BreakTheStigma
Blockchain : BreakTheStigma
 
Cryptographic protocols
Cryptographic protocolsCryptographic protocols
Cryptographic protocols
 
Wiretaps
WiretapsWiretaps
Wiretaps
 
DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP
DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP
DESIGN AND EVALUATION OF A NEW FAIR EXCHANGE PROTOCOL BASED ON AN ONLINE TTP
 
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONSAN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
 
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONSAN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
AN EFFICIENT GROUP AUTHENTICATION FOR GROUP COMMUNICATIONS
 
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLOPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
 
What is The zero knowledge Proofs Protocol System
What is The zero knowledge Proofs Protocol System What is The zero knowledge Proofs Protocol System
What is The zero knowledge Proofs Protocol System
 
Smart contracts
Smart contractsSmart contracts
Smart contracts
 

Plus de AfiqEfendy Zaen

10. short term financial planning
10. short term financial planning10. short term financial planning
10. short term financial planningAfiqEfendy Zaen
 
2. financial statement cash flow
2. financial statement cash flow2. financial statement cash flow
2. financial statement cash flowAfiqEfendy Zaen
 

Plus de AfiqEfendy Zaen (8)

10. short term financial planning
10. short term financial planning10. short term financial planning
10. short term financial planning
 
9. cost of capital
9. cost of capital9. cost of capital
9. cost of capital
 
8. stock valuation
8. stock valuation8. stock valuation
8. stock valuation
 
6. risk return
6. risk return6. risk return
6. risk return
 
6. bond valuation
6. bond valuation6. bond valuation
6. bond valuation
 
4. time value of money
4. time value of money4. time value of money
4. time value of money
 
3 financial ratio
3 financial ratio3 financial ratio
3 financial ratio
 
2. financial statement cash flow
2. financial statement cash flow2. financial statement cash flow
2. financial statement cash flow
 

Dernier

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 

Dernier (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Protocols and Practices in Using Encryption Chapter 4

  • 1. 11 CHAPTER 4CHAPTER 4 PROTOCOLS & PRACTICESPROTOCOLS & PRACTICES IN USING ENCRYPTIONIN USING ENCRYPTION
  • 2. 2 IntroductionIntroduction What is a protocol?What is a protocol? Protocol is an orderly sequence of steps two orProtocol is an orderly sequence of steps two or more parties take to accomplish some task.more parties take to accomplish some task. Everyone using a protocol must agree to theEveryone using a protocol must agree to the protocol before using it.protocol before using it. People use protocols to regulate behavior forPeople use protocols to regulate behavior for mutual benefit.mutual benefit.
  • 3. 3 IntroductionIntroduction Good protocol has the following characteristics:Good protocol has the following characteristics: (1)(1) Established in advanceEstablished in advance: the protocol is: the protocol is completely designed before it is used.completely designed before it is used. (2)(2) Mutually subscribedMutually subscribed: All parties to the protocol: All parties to the protocol agree to follow its steps, in order.agree to follow its steps, in order. (3)(3) UnambiguousUnambiguous: No party can fail to follow a: No party can fail to follow a step properly because the party hasstep properly because the party has misunderstood the step.misunderstood the step. (4)(4) CompleteComplete: For every situation that can occur: For every situation that can occur there is a prescribe action to be taken.there is a prescribe action to be taken.
  • 4. 4 Types of ProtocolsTypes of Protocols There are three types of protocols:There are three types of protocols: Arbitrated protocolsArbitrated protocols Adjudicated protocolsAdjudicated protocols Self-enforcing protocolsSelf-enforcing protocols
  • 5. 5 Types of ProtocolsTypes of Protocols Arbitrated ProtocolsArbitrated Protocols Arbitrator is a disinterested 3Arbitrator is a disinterested 3rdrd party trusted toparty trusted to complete a transaction between two distrustingcomplete a transaction between two distrusting parties.parties. Example: Buying and selling cars – banker orExample: Buying and selling cars – banker or lawyer is the arbitrator.lawyer is the arbitrator. In computer protocol, an arbitrator is aIn computer protocol, an arbitrator is a trustworthy 3trustworthy 3rdrd party who ensures fairness. Itparty who ensures fairness. It might be a person, a program or a machine.might be a person, a program or a machine.
  • 7. 7 Types of ProtocolsTypes of Protocols Arbitrated computer protocols have severalArbitrated computer protocols have several disadvantages:disadvantages: The two sides may not be able to find a neutral 3The two sides may not be able to find a neutral 3rdrd party that both sides trust. Suspicious users areparty that both sides trust. Suspicious users are rightfully suspicious of an unknown arbiter in arightfully suspicious of an unknown arbiter in a network.network. Maintaining the availability of an arbiter represents aMaintaining the availability of an arbiter represents a cost to the users or the network, that cost may becost to the users or the network, that cost may be high.high. For these reasons, an arbitrated protocol is avoided if possible!
  • 8. 8 Types of ProtocolsTypes of Protocols Arbitrated computer protocols have severalArbitrated computer protocols have several disadvantages:disadvantages: Arbitration causes a time delay in communicationArbitration causes a time delay in communication because a third party must receive, act on and thenbecause a third party must receive, act on and then forward every transaction.forward every transaction. If the arbitration service is heavily used, it mayIf the arbitration service is heavily used, it may become a bottleneck in the network as many usersbecome a bottleneck in the network as many users try to access a single arbiter.try to access a single arbiter. Secrecy becomes vulnerable, because the arbiterSecrecy becomes vulnerable, because the arbiter has access to much sensitive information.has access to much sensitive information. For these reasons, an arbitrated protocol is avoided if possible!
  • 9. 9 Types of ProtocolsTypes of Protocols Adjudicated ProtocolsAdjudicated Protocols The idea of adjudicator is similar to arbiter.The idea of adjudicator is similar to arbiter. With an adjudicated protocol enough data isWith an adjudicated protocol enough data is available for a disinterested 3available for a disinterested 3rdrd party to judgeparty to judge fairness based on the evidence.fairness based on the evidence. Not only can 3Not only can 3rdrd party determine whether twoparty determine whether two disputing parties acted fairly that is within thedisputing parties acted fairly that is within the rules of the protocol but the 3rules of the protocol but the 3rdrd party can alsoparty can also determine who cheated.determine who cheated.
  • 10. 10 Types of ProtocolsTypes of Protocols Adjudicated ProtocolsAdjudicated Protocols Adjudicated protocols involve the services of aAdjudicated protocols involve the services of a 33rdrd party only in a case of a dispute.party only in a case of a dispute. Therefore, they are usually less costly in termsTherefore, they are usually less costly in terms of machine time or access to a trusted 3of machine time or access to a trusted 3rdrd partyparty software judge than arbitrated protocols.software judge than arbitrated protocols. However, adjudicated protocols detect a failureHowever, adjudicated protocols detect a failure to cooperate only after the failure has occurred.to cooperate only after the failure has occurred.
  • 12. 12 Types of ProtocolTypes of Protocol Self-Enforcing ProtocolsSelf-Enforcing Protocols A self-enforcing protocol is one that guaranteesA self-enforcing protocol is one that guarantees fairness.fairness. If either party tries to cheat, that fact becomesIf either party tries to cheat, that fact becomes evident to the other party.evident to the other party. No outsider is needed to ensure fairness.No outsider is needed to ensure fairness. Obviously, self-enforcing protocols areObviously, self-enforcing protocols are preferable to the other types.preferable to the other types. However, there is not a self-enforcing protocolHowever, there is not a self-enforcing protocol for every situation.for every situation.
  • 14. 14 Protocol to Solve ProblemsProtocol to Solve Problems Cryptographic algorithms rely on the propertyCryptographic algorithms rely on the property that it is easy to encrypt and decrypt messagesthat it is easy to encrypt and decrypt messages with the appropriate keys but very hard to findwith the appropriate keys but very hard to find keys.keys. Therefore key management is really, reallyTherefore key management is really, really important!!!important!!!
  • 16. 16 AssymmetricAssymmetric P----------------------------P----------------------------RR C = E(M, RC = E(M, Rpubpub)) M = D(C, RM = D(C, Rprivpriv)) M = D[E(M, RM = D[E(M, Rpubpub) R) Rprivpriv)])]
  • 17. 17 AssymmetricAssymmetric P -------------------------P ------------------------- RR ConfidentialityConfidentiality – D[E(M, RD[E(M, Rpubpub), R), Rprivpriv]] AuthenticationAuthentication – D[E(M, Ppriv), PD[E(M, Ppriv), Ppubpub]]
  • 18. 18 Protocol to Solve ProblemsProtocol to Solve Problems Several protocols developed for key distribution:Several protocols developed for key distribution: Symmetric key exchange with serverSymmetric key exchange with server Symmetric key exchange without serverSymmetric key exchange without server Asymmetric key exchange with serverAsymmetric key exchange with server Asymmetric key exchange without serverAsymmetric key exchange without server
  • 19. 19 Protocol to Solve ProblemsProtocol to Solve Problems Assume that two users already each have a copy of aAssume that two users already each have a copy of a symmetric (secret) encryption key K known only to themsymmetric (secret) encryption key K known only to them – small messages is ok to use K.– small messages is ok to use K. But for greater security, they can agree to change keysBut for greater security, they can agree to change keys on a frequent basis even as often as a different key foron a frequent basis even as often as a different key for each message.each message. To do this, either one can generate a fresh key calledTo do this, either one can generate a fresh key called KKNEWNEW, encrypt it under K and send to the other., encrypt it under K and send to the other. K is called the “master key”K is called the “master key” KKNEWNEW is called the “traffic” or “session” key.is called the “traffic” or “session” key. Symmetric key exchange without serverSymmetric key exchange without server
  • 20. 20 Block replay attack Assume two bank use fixed format on electronic exchange name of depositor account no transfer amount Suppose outsiders (Tipah) able to tap the data channel between these banks. The first day, Tipah has his bank transfer $10 on his behalf from one bank to another. (Tipah has account with both banks). The next day she does the same thing but the amount is $20. Why Knew?
  • 21. 21 Assume that both transmissions were sent under the same encryption key. Tipah would noticed that the first two blocks encrypted were the same. So she know that the first two blocks are her name and her account no. The only different is the third block (the amount of money).
  • 22. 22 By inserting data onto the transmission line, Tipah can now replace any person and account number with his own name and account number, leaving the amount alone. Tipah does not need to know who should be getting the money or how much is being obtained; Tipah simply changes name and account no to his own and watches the balance in his account grow. In ease, the interceptor does not necessarily have to break the encryption.
  • 23. 23 Protocol to Solve ProblemsProtocol to Solve Problems Symmetric key exchange with serverSymmetric key exchange with server i. Please give me a key to communicate with Renee ii. Here’s a key for you and a copy for Renee iii. Renee, the distribution center gave me this key for our private communication. Renee Pablo Distribution Centre
  • 24. 24 Protocol to Solve ProblemsProtocol to Solve Problems Disadvantage of this approach:Disadvantage of this approach: Two users must both share one key that isTwo users must both share one key that is unique to them.unique to them. Other pairs of users need unique keys andOther pairs of users need unique keys and in general n users need n(n-1)/2.in general n users need n(n-1)/2. Eg. 5 users –> 5(5-1)/2 = 10 keys.Eg. 5 users –> 5(5-1)/2 = 10 keys. Symmetric key exchange without serverSymmetric key exchange without server
  • 25. 25 IssuesIssues 1.1. E(M, Rpub) – slow.E(M, Rpub) – slow. 2.2. E(Knew, Rpub) – no authentication.E(Knew, Rpub) – no authentication. Protocols to Solve ProblemsProtocols to Solve Problems Asymmetric key exchange without serverAsymmetric key exchange without server
  • 26. 26 Protocols to Solve ProblemsProtocols to Solve Problems Suppose Pablo and Reene want to exchange aSuppose Pablo and Reene want to exchange a message, each has a public/private key pair and eachmessage, each has a public/private key pair and each has access to the others public key.has access to the others public key. Denote Ppub –> Pablo public key and Ppriv –> PabloDenote Ppub –> Pablo public key and Ppriv –> Pablo private key.private key. Rpub -> Renee public key and Rpriv -> Renee privateRpub -> Renee public key and Rpriv -> Renee private key.key. Pablo can send E(Knew, Rpub) directly to Reene.Pablo can send E(Knew, Rpub) directly to Reene. But how sure that E(Knew, Rpub) is from Pablo? ReeneBut how sure that E(Knew, Rpub) is from Pablo? Reene couldn’t tell that.couldn’t tell that. So to improve better – Pablo sends to Reene E(E(Knew,So to improve better – Pablo sends to Reene E(E(Knew, Ppriv), Rpub)Ppriv), Rpub) Asymmetric key exchange without serverAsymmetric key exchange without server
  • 27. 27 Protocol to Solve ProblemsProtocol to Solve Problems Asymmetric key exchange with serverAsymmetric key exchange with server 1. Please give me Renee’s Public Key 2. Here is Renee Public Key 3. I’m Pablo, Lets talk 4. Please give me Pablo’s Public Key 5. Here is Pablo’s Public Key 6. Renee here what’s up? 7. How are you Distribution Centre Renee Pablo
  • 28. 28 Protocol to Solve ProblemsProtocol to Solve Problems Distribution Center (DC) How do DC deals with keys? – publish its own public key widely – anybody wish to register, deliver the key and personal identity under the DC key Can have more than one center: – as backup, overload, if it doesn’t have the key, request from other DC – performance, size, reliability – must be available any time So, what gives us confidence that the keys registered are authentic?? That is, they belong to the people whose identification are associated.
  • 29. 29 Protocol to Solve ProblemsProtocol to Solve Problems Certificate Develop ways for two people to establish trust without having both parties to be present. Trust coordinated => Certificate Authority Advantages and Disadvantages of Key Distribution Operational Restriction – availability of DC Trust – who must be trusted Protection from failure – anybody impersonate any entities Efficient Protocol – use several time-consuming steps for one-time use (establish an encryption key) Protocol – easy to implement or not (computer implementation vs manual use)
  • 30. 30 Digital SignatureDigital Signature A Digital Signature is a protocol that produces the same effect as a real signature. It has the following characteristics: – Authentic : the recipient believes the signer deliberately signed the document – Unforgeable : the signature proves that the signer and nobody else signed the document – Single purpose : the signature is attached to the document and cannot be moved to a different one – Unalterable : after it has been signed, the document can no longer be changed. – Unrepudiable : after the fact, the signer cannot successfully deny having signed the document.
  • 31. 31 How does Digital Signature Works?How does Digital Signature Works? Refer to extra notes…