
Application Support Functions

This chapter discusses application support functions for security, including ASN.1, data encryption, nonrepudiation, and authentication. It covers ASN.1 syntax for representing data during transfer and describes security concepts like integrity and privacy. Symmetric encryption techniques like shift ciphers and the Data Encryption Standard are explained. Asymmetric algorithms like RSA are also summarized, including the use of public/private key pairs. The role of certification authorities in verifying identities is also mentioned.

Chapter 13

Application support functions


13.1 Introduction

• ASN.1
• Security
• Data encryption
• Nonrepudiation
• Authentication
• Public key certification authorities
13.2 ASN.1
• Concerns the representation (syntax) of data during its transfer between two APs
• Ensures that the messages exchanged between two APs have a common meaning (shared semantics)
13.2 ASN.1 (cont-1)
13.2.1 Type definitions
• Four classes of type identifiers
  - UNIVERSAL: the generalized types such as integer
  - CONTEXT-SPECIFIC: these are related to the specific context in which they are used
  - APPLICATION: these are common to a complete application
  - PRIVATE: these are user definable but must begin with an upper-case letter

• Primitive types available:

UNIVERSAL (primitive): BOOLEAN, INTEGER, BITSTRING, OCTETSTRING, REAL, ENUMERATED, IA5String/Display String, NULL, ANY
13.2.1 Type definitions (cont-1)
13.2.1 Type definitions (cont-2)

Constructed type:
• UNIVERSAL (constructed) SEQUENCE: a fixed bounded, ordered list of types
• SEQUENCEOF: a fixed or unbounded, ordered list of elements, all of the same type
• SET: a fixed or unbounded, unordered list of elements, all of the same type
• CHOICE: a fixed, unordered list of types, selected from a previously specified set of types

Tag:
• CONTEXT-SPECIFIC: the tag has meaning only within the scope of the present structured type
• APPLICATION: the tag has meaning in the context of the complete application (collection of types)
• PRIVATE: the tag has meaning only to the user
13.2.1 Type definitions (cont-3)
13.2.2 Transfer syntax
Encoding
• Identifier: defines the ASN.1 type
• Length: defines the number of octets in the contents field
• Contents: defines the contents (which may be other data elements for a structured type)
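The identifier/length/contents layout above can be walked with a small decoder. The following is an added example, not code from the original slides; it assumes the standard BER bit layout of the identifier octet (two class bits, one constructed bit, five tag bits), handles single-octet tags and definite lengths only, and runs on a byte string constructed for illustration.

```python
CLASSES = ("UNIVERSAL", "APPLICATION", "CONTEXT-SPECIFIC", "PRIVATE")

def decode_tlv(data, offset=0):
    """Decode one identifier/length/contents element; return (element, next_offset)."""
    if offset + 2 > len(data):
        raise ValueError("truncated identifier or length")
    ident, length = data[offset], data[offset + 1]
    offset += 2
    if ident & 0x1F == 0x1F:
        raise ValueError("multi-octet tag numbers are not supported here")
    if length == 0x80:
        raise ValueError("indefinite length is not supported here")
    if length & 0x80:                      # long form: low 7 bits count the length octets
        count = length & 0x7F
        if offset + count > len(data):
            raise ValueError("truncated length field")
        length = int.from_bytes(data[offset:offset + count], "big")
        offset += count
    end = offset + length
    if end > len(data):                    # never trust a length that overruns the buffer
        raise ValueError("contents run past the end of the input")
    element = {"class": CLASSES[ident >> 6],       # top two bits: tag class
               "constructed": bool(ident & 0x20),  # next bit: contents are nested elements
               "tag": ident & 0x1F}                # low five bits: tag number
    if element["constructed"]:
        children, pos = [], offset
        while pos < end:                   # children are bounded by the parent's length
            child, pos = decode_tlv(data[:end], pos)
            children.append(child)
        element["contents"] = children
    else:
        element["contents"] = data[offset:end]
    return element, end

# Constructed sample (not from the slides):
# SEQUENCE { INTEGER 5, IA5String "hi", BOOLEAN TRUE }
SAMPLE = bytes.fromhex("300a020105160268690101ff")
```

Rejecting a length that points past the buffer, and bounding each child by its parent, are the checks that matter most when the encoded data comes from an untrusted peer.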
13.2.2 Transfer syntax (cont-1)
13.2.2 Transfer syntax (cont-2)
13.2.2 Transfer syntax (cont-3)

Decoding
13.2.2 Transfer syntax (cont-4)
13.3 Security

• Integrity: has not been altered in any way
• Privacy/secrecy: has not been intercepted and read by anyone
• Authentication: has come from an authorized sender
• Nonrepudiation: has proof that the stated sender initiated the transaction
13.4 Data encryption
13.4.1 Terminology
• Plaintext: prior to encryption, message data is normally referred to as plaintext
• Ciphertext: after encryption, message data is referred to as ciphertext
13.4.2 Basic techniques

• The plaintext alphabet is simply shifted by n places, where n is the key. Hence, if the key is 3, the resulting alphabet is as follows:

Plaintext alphabet:  a b c d e f g
Ciphertext alphabet: d e f g h i j

• A more powerful variation is to define a ciphertext alphabet that is a random mix of the plaintext alphabet. For example:

Plaintext alphabet:  a b c d e f g
Ciphertext alphabet: n z q a i y m
13.4.2 Basic techniques (cont-1)
For example:
Assuming a plaintext message of "this is a lovely day", the ciphertext is derived as follows:

1 2 3 4   (key)
t h i s
- i s -
a - l o
v e l y
- d a y

Ciphertext = t-av-hi-edisllas-oyy
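The substitution alphabets and the column read-out shown above, written as an added example that is not part of the original slides. It goes slightly beyond the slide by accepting any column order as the key and by including the inverse operation; the function names are chosen here for illustration.

```python
import string

def shift_alphabet(n):
    """Ciphertext alphabet for the shift cipher: the plaintext alphabet moved n places."""
    a = string.ascii_lowercase
    return a[n % 26:] + a[:n % 26]

def substitute(text, cipher_alphabet, decrypt=False):
    """Map letters through a 26-letter ciphertext alphabet; other characters pass through."""
    src, dst = string.ascii_lowercase, cipher_alphabet
    if decrypt:
        src, dst = dst, src
    return text.translate(str.maketrans(src, dst))

def transpose(text, key, pad="-"):
    """Write the text in rows under the key, then read the columns out in key order."""
    text = text.replace(" ", pad)
    width = len(key)
    text += pad * (-len(text) % width)          # fill the last row
    rows = [text[i:i + width] for i in range(0, len(text), width)]
    order = sorted(range(width), key=lambda c: key[c])
    return "".join(row[c] for c in order for row in rows)

def untranspose(ciphertext, key):
    """Rebuild the rows from the column blocks and read them back row by row."""
    width = len(key)
    height = len(ciphertext) // width
    order = sorted(range(width), key=lambda c: key[c])
    cols = {c: ciphertext[i * height:(i + 1) * height] for i, c in enumerate(order)}
    return "".join(cols[c][r] for r in range(height) for c in range(width))

MESSAGE = "this is a lovely day"                # the slide's plaintext
SLIDE_CIPHERTEXT = transpose(MESSAGE, [1, 2, 3, 4])
```

Both techniques keep the letter frequencies of the plaintext intact, which is why they are presented as basic building blocks and not as ciphers to deploy on their own.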
13.4.2 Basic techniques (cont-2)
13.4.2 Basic techniques (cont-3)
13.4.3 The data encryption standard
13.4.3 The data encryption standard (cont-1)

The principle of encryption

L_x = R_{x-1}

R_x = L_{x-1} + fn(R_{x-1}, K_x)
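The two round equations above are enough to make the cipher invertible whatever fn is, because decryption is the same routine run with the subkeys in reverse order. The following added example (not from the original slides) shows this with a toy round function; it assumes the "+" in the slide's formula is bitwise XOR, as in DES, and the 64-bit block, the hash-based fn and the subkeys are all constructed for illustration and are not the DES f function or key schedule.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def fn(right, subkey):
    """Toy round function (NOT the DES f): a one-way mix of R and K, cut to 32 bits."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block, subkeys):
    """Apply L_x = R_{x-1}, R_x = L_{x-1} XOR fn(R_{x-1}, K_x) once per subkey."""
    left, right = block >> 32, block & MASK32
    for k in subkeys:
        left, right = right, left ^ fn(right, k)
    return (right << 32) | left        # final half swap lets one routine do both directions

def encrypt(block, subkeys):
    return feistel(block, subkeys)

def decrypt(block, subkeys):
    return feistel(block, subkeys[::-1])   # same rounds, subkeys K_n ... K_1

# Constructed inputs: sixteen 6-byte subkeys and one 64-bit block.
SUBKEYS = [bytes([i]) * 6 for i in range(1, 17)]
BLOCK = 0x0123456789ABCDEF
```

fn is deliberately non-invertible here: the structure never needs to undo fn, it only needs to recompute it from the half that was passed through unchanged.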


13.4.3 The data encryption standard (cont-2)
13.4.3 The data encryption standard (cont-3)
13.4.3 The data encryption standard (cont-4)
13.4.4 IDEA
IDEA : International Data Encryption Algorithm
13.4.5 The RSA algorithm
13.4.5 The RSA algorithm (cont-1)
A much simplified example of RSA

To create the public key Kp:
• Select two large positive prime numbers P and Q. Example: P = 7, Q = 17
• Compute X = (P-1)(Q-1). Example: X = 96
• Choose an integer E which is prime relative to X, i.e., not a prime factor of X or a multiple of it, and which satisfies the condition indicated below for the computation of Ks. Example: E = 5
• Compute N = P x Q. Example: N = 119
• Kp is then N concatenated with E. Example: Kp = 119, 5

To create the secret key Ks:
• Compute D such that MOD(D x E, X) = 1. Example: MOD(D x 5, 96) = 1, D = 77
• Ks is then N concatenated with D. Example: Ks = 119, 77

To compute the ciphertext C of plaintext P:
• Treat P as a numerical value. Example: P = 19
• C = MOD(P^E, N). Example: C = MOD(19^5, 119) = 66

To compute the plaintext P of ciphertext C:
• P = MOD(C^D, N). Example: P = MOD(66^77, 119) = 19
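The steps above, carried through in code with the slide's own numbers. This is an added example, not part of the original slides; the function names are chosen here, D is found with the extended Euclidean algorithm (the slide does not say how D is computed), and the tiny primes are the slide's simplification, not a usable key size.

```python
def mod_inverse(e, x):
    """Extended Euclid: return D with MOD(D * e, x) == 1, or fail if none exists."""
    old_r, r, old_s, s = e, x, 1, 0
    while r:
        quot = old_r // r
        old_r, r = r, old_r - quot * r
        old_s, s = s, old_s - quot * s
    if old_r != 1:                       # gcd(e, x) != 1: E is not prime relative to X
        raise ValueError("E must be prime relative to X")
    return old_s % x

def make_keys(p, q, e):
    """Return (Kp, Ks) = ((N, E), (N, D)) following the slide's steps."""
    x = (p - 1) * (q - 1)
    n = p * q
    if not 1 < e < x:
        raise ValueError("E must lie between 1 and X")
    d = mod_inverse(e, x)
    return (n, e), (n, d)

def encrypt(plain, kp):
    n, e = kp
    if not 0 <= plain < n:               # values >= N would not survive the MOD
        raise ValueError("plaintext value must be smaller than N")
    return pow(plain, e, n)              # C = MOD(P^E, N)

def decrypt(cipher, ks):
    n, d = ks
    return pow(cipher, d, n)             # P = MOD(C^D, N)

KP, KS = make_keys(7, 17, 5)             # the slide's P, Q and E
CIPHER = encrypt(19, KP)
PLAIN = decrypt(CIPHER, KS)
```

Choosing E = 3 with these primes fails in `mod_inverse`, since 3 is a prime factor of X = 96 and no D satisfies the condition.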
13.5 Nonrepudiation
13.6 Authentication

13.6.1 Using a public key system


13.6.2 Using a private key system
13.7 Public key certification authorities

CA : Certification Authority
Contents of a certificate in RFC 1422
Summary
