Previous Slide


Authentication and Cryptography

Next Slide

PUBLIC KEY CRYPTOGRAPHY IS USELESS WITHOUT SOME WAY TO PREVENT IMPERSONATION.

SUPPOSE A AND B WANT TO TALK, C WANTS TO EAVESDROP, AND C CAN INTERCEPT AND REPLACE MESSAGES A AND B SEND.

  • WHEN A AND B TRY TO SEND EACH OTHER THEIR PUBLIC KEYS, C CAN SUBSTITUTE FORGED MESSAGES CONTAINING HER PUBLIC KEY.

  • C CAN THEN INTERCEPT AND READ ALL FUTURE, ENCRYPTED MESSAGES.

  • C CAN USE THE INTERCEPTED KEYS TO FORGE PROPERLY ENCRYPTED MESSAGES TO FORWARD TO A AND B SO THEY NEVER NOTICE.



The Web:
Technologies and
Techniques


Links to other course pages:


Williams College
Department of Computer Science
This page is part of a section of lecture slides related to " Authentication " within the topic "Privacy Issues and Encryption". Other slides within this section and other sections of slides for the topic "Privacy Issues and Encryption" can be accessed using the links below.
  • Electronic Privacy Threats
  • Internet Eavesdropping
  • Who can you Trust?
  • Secure Web Communications
  • Traditional Cryptography
  • Encryption Basics
  • Cryptographic Notation
  • The Caesar Cipher
  • Key-based Encryption Schemes
  • Generalizing the Caesar Cipher
  • More Notation
  • Key Properties
  • Vigenere Cypher
  • Vigenere Cypher (cont.)
  • The Key Distribution Problem
  • Public Key Cryptography
  • Public Key Cryptography
  • Public Key Distribution
  • The RSA Cryptosystem
  • Some Details of the RSA Cryptosystem
  • Some Details of the RSA Cryptosystem (cont.)
  • Properties of the RSA Cryptosystem
  • Authentication
  • Authentication
  • Authentication and the Internet
  • Authentication and Cryptography
  • Digital Signatures?
  • Digital Signatures (cont.)
  • Authenticity with Secrecy
  • Certifying Authorities
  • Certifying Authorities (cont.)
  • Data Gathering vs. Privacy
  • "Passive" Privacy Threats
  • HTTP Protocol Headers
  • Server Response Headers
  • Web Browser Headers
  • What are "Magic Cookies"?
  • Magic Cookies
  • Data Mining
  • Passive Privacy and Encryption Techniques
  • Digital Cash
  • Anonymous Internet Financial Transactions
  • Commutative Encryption
  • Blank Bills
  • Withdrawal Symptoms
  • Making Money
  • A Spending Spree