Asymmetric encryption
Each participant self-generates a key pair
- Secret Key, Public Key
Encryption
- Message encrypted by a recipient's public key
Decryption
- Message decrypted by a recipient's secret key
Problem:
Case 1: Bad guy
Sender: Ps; Ss; Pr
Receiver: Ps; Sr; Pr
{Message}Ps

Case 2: Bad guy
Sender: Ps; Ss; Pr
Receiver: Ps; Sr; Pr
{Message}Ss
Bad guy: ?

Sender: Ps; Ss; Pr
Receiver: Pr; Sr; Ps
{{Message}Ss}Pr
?
- Data Encryption Standard (DES)

Diffie-Hellman Key Exchange
- The dynamic exchange of keys
- Communication overhead

RSA
- Static key for each receiver
- Key distributed by a formal trusted authority
- Reduces communication overhead
Two-factor authentication
Chip Authentication Program
- Pseudo-random number
- PIN or Password
client / server
Step_1: I am XXX.
Step_2: 777
Step_3: 777
Step_4: 1056
Step_5: 1056
OK
Validation: f(777)=1056
Success!!!
client / server
Step_1: I am XXX.
Step_2: 777
Step_3: 777
Step_4: 1056
Step_5: 1056
OK
Validation: f(777)=1056
777 => 1056
...
Success!!!
- Built-in Clock
- Factory-encoded random key (seed)
- One time passwords
- Declining authentication if we found two credentials within the same time frame
- Utilize encryption mechanisms
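The token properties listed above (built-in clock, factory-encoded seed, one-time passwords, declining a second credential in the same time frame), as an added example that is not from the original slides. The slides do not name the algorithm, so this example assumes an HMAC-based code in the style of RFC 6238, not RSA's own; `STEP_SECONDS`, `Verifier`, `demo` and the sample seed are hypothetical.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60  # assumed length of one time frame


def one_time_password(seed: bytes, now: float, digits: int = 6) -> str:
    """Code shown by the token for the time frame containing `now`."""
    counter = struct.pack(">Q", int(now) // STEP_SECONDS)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, as in RFC 4226/6238
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Verifier:
    """Server side: holds each token's seed and remembers used time frames."""

    def __init__(self, seeds: dict):
        self.seeds = seeds
        self.last_frame = {}  # user -> last time frame that was accepted

    def authenticate(self, user: str, code: str, now: float) -> bool:
        seed = self.seeds.get(user)
        if seed is None:
            return False
        frame = int(now) // STEP_SECONDS
        expected = one_time_password(seed, now)
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return False
        # Decline a second credential presented within an already used frame.
        if self.last_frame.get(user, -1) >= frame:
            return False
        self.last_frame[user] = frame
        return True


def demo():
    seed = b"constructed-demo-seed"  # constructed sample, not a real seed
    server = Verifier({"XXX": seed})
    t0 = 1_700_000_000  # constructed timestamp
    code = one_time_password(seed, t0)  # what the token displays
    first = server.authenticate("XXX", code, t0)
    replay = server.authenticate("XXX", code, t0 + 5)  # same time frame
    stale = server.authenticate("XXX", code, t0 + STEP_SECONDS)  # old code
    later = t0 + STEP_SECONDS
    fresh = server.authenticate("XXX", one_time_password(seed, later), later)
    return first, replay, stale, fresh
```

A captured code is declined both when replayed inside its own time frame and when presented after the frame has passed, which the fixed 777 => 1056 pair in the earlier exchange does not provide.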
Cost effectiveness
Diffie-Hellman Public Key Exchange
RSA Secure ID Protocol
??????