Cryptography Simplified – Symmetric Key, Public Key, Digital Signature, CA, SSL, SET
M. Faisal Naqvi
Research Consultant (Technical),
ECAC
Obstacles to the Growth of E-Commerce
Why don’t most people use E-Commerce?
• Lack of trust
• Fraudulent Merchants
• Hacking/Cracking
• Credit Card Information Theft
• Privacy issues
Technical Requirements of User of E-Commerce
• Confidentiality: Privacy from third person
• Integrity: Change in message during transit should be detected
• Authenticity: Identity of sender should be detected
• Non-repudiation: Denial of sender should not be possible
• Anonymity: Info. of Customer & Transaction should be confidential from dealing party.
• Availability
How can the Requirements be Fulfilled?
• Cryptography i.e.
– Encryption (Encoding)
– Decryption (Decoding)
[Diagram: Alice encrypts (E) the plain text "CALL ME" into the cipher text "DBMM NF"; Bob decrypts (D) it back to the plain text "CALL ME".]
Main Cryptographic Techniques
1. Secret Key Cryptography
2. Public Key Cryptography
a) For Confidentiality
b) For Authenticity & Integrity
1. Secret Key Cryptography
• Also called Symmetric Key Cryptography
• Only one key is used for encryption as well as for decryption
• e.g. Data Encryption Standard (DES)
[Diagram: Alice encrypts (E) the plain text "CALL ME" with Key=1 into the cipher text "DBMM NF"; Bob decrypts (D) it with the same Key=1 back to the plain text "CALL ME".]
2. Public Key Cryptography
• Also called Asymmetric Key Cryptography
• For each party there is a Key pair i.e.:
1. Private Key (known to owner only)
2. Public Key (Published, known to Everyone)
• When we encrypt using Pub. Key it can only be decrypted using Pvt. Key and vice versa.
• e.g. Rivest Shamir Adleman (RSA) Algorithm
2. Public Key Cryptography (Cont...)
• Public Key Cryptography can be used in two ways:
a) Encryption with Pub. Key & Decryption with Pvt. Key (to achieve Confidentiality).
b) Encryption with Pvt. Key & Decryption with Pub. Key (to achieve Authenticity and Integrity)
2. Public Key Cryptography (Cont...)
For Confidentiality
• Sender Encrypts the Message with the Public Key of the Recipient
• The Recipient Decrypts the Encrypted Message, with his own Private Key
[Diagram: plain text 10,000 → E (Bob’s Public Key = 0.5) → cipher text 5,000 → D (Bob’s Private Key = 2) → plain text 10,000. Parties labelled: Public, Bob.]
2. Public Key Cryptography (Cont...)
For Authenticity & Integrity of Message
• The Sender Encrypts the Message, with his own Private Key.
• The Recipient Decrypts the Encrypted Message with the Public Key of the Sender.
[Diagram: plain text 10,000 → E (Bob’s Private Key = 2) → cipher text 20,000 → D (Bob’s Public Key = 0.5) → plain text 10,000. Parties labelled: Bob, Public.]
Achieving Authenticity, Integrity and Confidentiality simultaneously...
[Diagram: Sender: Doc. → (1. Sender’s Pvt.) → Digital Sign → (2. Recipient’s Pub.) → Cipher → (3. Recipient’s Pvt.) → Digital Sign → (4. Sender’s Pub.) → Doc. :Recipient]
Achieving Authenticity, Integrity and Confidentiality simultaneously (Cont…)
1. The Sender Encrypts the Message, with his own Pvt. Key. (for Authenticity and Integrity)
2. Then Sender Encrypts the result, with the Pub. Key of Recipient. (For confidentiality)
3. The Recipient decrypts the cipher, with his own Pvt. Key (to open confidentiality)
4. Then Recipient decrypts the result, with the Pub. Key of Sender (to Authenticate)
Need of a Certification Authority (CA)
Issues
• How can someone publish his Public Key?
• How can someone verify that a Public Key belongs to a particular Person?
Solution
• Public Key can be Published through a Third Party, Trusted by both Sender & Recipient.
• This Trusted Third Party is called Certification Authority (CA)
• CA verifies and certifies, by issuing a Digital Certificate, that a particular “Public Key” belongs to a “Particular Person” and publishes the same through Web.
What does a CA publish about a Digital Certificate?
Ibrar Ahmad
How CA Works?
CA:
• accepts Application to issue Digital Certificate
• verifies Identity of Subscriber
• verifies that subscriber has corresponding Pvt. key
• generates Digital Certificate
• publishes Digital Certificate of its subscriber on its web site so that anyone can download Digital Cert. of any other person from the CA’s web site
• accepts Request to Revoke the Certificate
• publishes Certificate Revocation List (CRL) so that anyone can check whether Cert. is Revoked
What is Public Key Infrastructure (PKI)?
• PKI includes:
– Sender(s)
– Recipient(s)
– and CA(s)
• By using Cryptography to fulfill all requirements jointly or severally:
– Confidentiality
– Integrity
– Authenticity
– Non-repudiation
– Reliability
– Accountability
– Anonymity
Importance of PKI
PKI:
• Provides secure and trusted e-communication environment.
• Is indispensable for e-commerce, e-business & e-governance etc.
Use of PKI in E-Commerce
Some Protocols based on PKI:
• Secure Socket Layer (SSL)
• Secure Electronic Transaction (SET)
Secure Socket Layer (SSL)
• Most commonly used (e.g. Hotmail, Yahoo)
• Simplest
• Only confidentiality and integrity are achieved
• Authenticity is not part of the Protocol
• Only server’s Digital Certificate is required
• Not a payment protocol specifically
• For any secure communication
Secure Socket Layer Process
Parties: Client, Server
1. Client Generates Secret Key
2. Server’s Public Key
3. Secret Key encrypted with Server’s Pub. Key
4. Server decrypts Secret Key using its Pvt. Key
5. Communicate securely using secret key
Secure Electronic Transaction (SET)
• Most Comprehensive
• Confidentiality, Integrity, Authenticity, Non Repudiation and Anonymity/Privacy can also be achieved
• Comparatively Complex
• Digital Certificates of Merchant, Bank and Customer are required
• Specifically a Payment Protocol
SET Protocol Process
• OI = Order Information (Products/Services)
• PI = Payment Information (Credit Card etc.)
• C = Customer
• M = Merchant
• B = Bank
• Pb = Public
• Pv = Private
SET Protocol Process (Cont…)
Parties: Customer, Merchant, Bank
1. MPb[CPv{MPb(OI)+BPb(PI)}]
2. BPb[MPv[CPv{MPb(OI)+BPb(PI)}]]
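The four sign-then-encrypt steps and the two SET messages above, worked through as an added example that is not part of the original deck. It uses textbook RSA without padding or hashing, as the deck's simplified model does, and assumes message 1 goes from customer to merchant and message 2 from merchant to bank; the function names, the marker-based block framing, the toy keys and the sample order and payment data are all constructed for illustration.

```python
# Added example, not from the slides: textbook RSA (no padding, no hash), the
# deck's simplified model. Keys, framing and sample data are constructed toys.
MARK = b"\xa5\x5a"  # fixed bytes in every block so a wrong key fails on decode

def keypair(p, q, e=65537):
    """Return (Pb, Pv), each an (exponent, modulus) pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

# Toy keys from Mersenne primes; real keys use large random primes.
C_PB, C_PV = keypair(2**61 - 1, 2**89 - 1)      # customer
M_PB, M_PV = keypair(2**107 - 1, 2**127 - 1)    # merchant
B_PB, B_PV = keypair(2**521 - 1, 2**607 - 1)    # bank

def apply_key(key, data):
    """Slide notation Pb(x) / Pv(x): frame x, cut into blocks, exponentiate each."""
    exp, n = key
    k = (n.bit_length() + 7) // 8            # bytes per output block
    room = k - 1 - len(MARK)                 # data bytes per block, keeps block < n
    framed = len(data).to_bytes(4, "big") + data
    framed += b"\x00" * (-len(framed) % room)
    out = b""
    for i in range(0, len(framed), room):
        block = int.from_bytes(MARK + framed[i:i + room], "big")
        out += pow(block, exp, n).to_bytes(k, "big")
    return out

def remove_key(key, blob):
    """Invert apply_key using the other key of the pair; ValueError on mismatch."""
    exp, n = key
    k = (n.bit_length() + 7) // 8
    if not blob or len(blob) % k:
        raise ValueError("length does not fit this key")
    framed = b""
    for i in range(0, len(blob), k):
        value = pow(int.from_bytes(blob[i:i + k], "big"), exp, n)
        block = value.to_bytes(k, "big")
        if block[0] != 0 or block[1:1 + len(MARK)] != MARK:
            raise ValueError("wrong key or altered data")
        framed += block[1 + len(MARK):]
    size = int.from_bytes(framed[:4], "big")
    if size > len(framed) - 4:
        raise ValueError("bad length field")
    return framed[4:4 + size]

def pack(a, b):
    """The '+' on the slide: length-prefixed concatenation of two blobs."""
    return len(a).to_bytes(4, "big") + a + b

def unpack(blob):
    cut = 4 + int.from_bytes(blob[:4], "big")
    return blob[4:cut], blob[cut:]

def customer_message(oi, pi):
    """Message 1: MPb[ CPv{ MPb(OI) + BPb(PI) } ]."""
    inner = pack(apply_key(M_PB, oi), apply_key(B_PB, pi))
    return apply_key(M_PB, apply_key(C_PV, inner))   # steps 1 and 2: sign, then encrypt

def merchant_process(msg1):
    """Merchant (holds M_PV): open, authenticate customer, read OI, build message 2."""
    signed = remove_key(M_PV, msg1)                     # step 3: recipient's Pvt. key
    enc_oi, enc_pi = unpack(remove_key(C_PB, signed))   # step 4: sender's Pub. key
    oi = remove_key(M_PV, enc_oi)
    msg2 = apply_key(B_PB, apply_key(M_PV, signed))     # BPb[ MPv[ CPv{...} ] ]
    return oi, enc_pi, msg2

def bank_process(msg2):
    """Bank (holds B_PV): open, authenticate merchant then customer, read PI only."""
    signed = remove_key(M_PB, remove_key(B_PV, msg2))
    enc_oi, enc_pi = unpack(remove_key(C_PB, signed))
    return remove_key(B_PV, enc_pi), enc_oi

def can_open(key, blob):
    """True if blob decodes cleanly under key."""
    try:
        remove_key(key, blob)
        return True
    except ValueError:
        return False

def demo():
    """Run both SET messages and report what each party can and cannot read."""
    oi = b"2 x router, total 10,000"               # constructed order information
    pi = b"card 0000-0000-0000-0000 exp 01/30"     # constructed payment information
    msg1 = customer_message(oi, pi)
    merchant_oi, opaque_pi, msg2 = merchant_process(msg1)
    bank_pi, opaque_oi = bank_process(msg2)
    return {
        "merchant_oi": merchant_oi,
        "bank_pi": bank_pi,
        "merchant_reads_pi": can_open(M_PV, opaque_pi),
        "bank_reads_oi": can_open(B_PV, opaque_oi),
    }

if __name__ == "__main__":
    print(demo())
```

Production protocols sign a hash of the message and use padded RSA inside a hybrid envelope; the marker bytes here only stand in for the redundancy those mechanisms provide.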
?
Thank You

Editor's Notes

  1. To keep things simple, the concepts of digital envelope and hash are intentionally omitted.