Beruflich Dokumente
Kultur Dokumente
Network Security
31.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
31-1 SECURITY SERVICES
31.2
Figure 31.1 Security services related to the message or entity
31.3
31-3 MESSAGE INTEGRITY
31.4
Note
31.5
Figure 31.4 Message and message digest
Notations:
m: message
H(m): message digest of m by using hash function H()
31.6
Note
31.7
Figure 31.5 Checking integrity
31.8
Figure 31.6 Criteria of a hash function
• One-wayness:
• Cannot recover message m given its digest H(m)
• Weak collision resistance:
• Given message m, cannot generate another message m’ such that
H(m’)=H(m) ensure integrity
• Strong collision resistance: (a stronger requirement than above one)
• Sender cannot generate two messages m and m’ such that
H(m)=H(m’) ensure nonrepudation
31.9
Example 31.1
Solution
We cannot. A lossless compression method creates a
compressed message that is reversible. You can
uncompress the compressed message to get the original
one.
31.10
Example 31.2
Solution
We cannot. A checksum function is not reversible; it
meets the first criterion.
31.12
Note
31.14
Figure 31.9 MAC, created by Alice and checked by Bob
31.15
Figure 31.10 HMAC (Hashed MAC): uses keyless hash function
31.16
31-5 DIGITAL SIGNATURE
Notations:
m: message
H(m): message digest of m by using hash function H()
KA- :Private key of user A
KA+ :Public key of user A
KAB: Symmetric key between A and B
K(m): ciphertext of message m by using encryption key K
31.18
Figure 31.11 Signing the message itself in digital signature
Public KA+
Private KA-
Problem: Too expensive to sign message itself using public key system
31.19
Note
31.20
Figure 31.12 Signing the digest in a digital signature
KA-
KA+
31.21
Digital signature provides three out of the five services we mentioned for security
systems
Integrity
Authentication
Nonrepudiation
31.22
31-7 KEY MANAGEMENT
31.23
Figure 31.19 KDC (key distribution center)
31.24
Note
31.25
Figure 31.30 Creating a session key between Alice and Bob using KDC
31.26
Note
31.27
Figure 31.23 Announcing a public key
Problem: How can you know what you get is really Bob’s
public key?
31.28
Certification Authorities
Certification authority (CA): binds public key to
particular entity, E.
E (person, router) registers its public key with CA.
E provides “proof of identity” to CA.
CA creates certificate binding E to its public key.
certificate containing E’s public key digitally signed by CA –
CA says “this is E’s public key”
- +
K CA(KB )
Bob’s digital
+
public +
signature KB
key KB (encrypt)
CA
certificate for
K-
Bob’s private
identifying key CA Bob’s public key,
information signed by CA
31.29
Certification Authorities
CA
public +
K CA
key
31.30
A certificate contains:
31.31
Internet Web Security Architecture
Web Server B
CA
K +B
K-CA(K+B)
KAB(m)
31.32
Internet Web Security Conditions
31.33