Symmetric Cryptography - E-Commerce - Lecture Slides, Slides of Fundamentals of E-Commerce

Download Symmetric Cryptography - E-Commerce - Lecture Slides and more Slides Fundamentals of E-Commerce in PDF only on Docsity!

Symmetric Cryptography

The same key is used for encrypting and decryptingmessages

Public Key Cryptography

Multiple people encrypt messages using the recipient’swell-known public key. The recipient decrypts it with herprivate key.

Public Key Cryptography (cont.)

Key Distribution

Certification Authority (CA) acts as a trusted thirdparty which distributes digital certificates.
The digital certificates which are publicly distributedcontain a user’s public key as well as otherinformation such as the user’s personal details andthe expiry date of the key.
Registration Authoriy verifies a user’s identity at thetime the user applies for a digital certificate. Often theCA and an RA are the same entities.

Public Key Distribution

Digital Signature Process

Digital Envelopes 1.

Sender generates a random message key (K). Senderencrypts the message (M) with K, creating the ciphertext message (CM).

Sender encrypts K with recipient’s public key (RPubK),generating cipher text CK.

Sender computes a digital signature (S) using herprivate signature (SPrivK)

Sender sends CK, CM and S to recipient.

Recipient uses his private key (RPrivK) to decrypt CKand obtain K.

Recipient uses K to decrypt CM and get M.

Recipient uses sender’s public key (SPubK) to validateS.

Firewalls

A firewall is a device that is placed between yoursystem and the internet. It can monitor and filterany incoming and outgoing traffic.

Offers a single point at which security can bemonitored and alarms generated.

Encryption can be used as a safeguard.

There should be a security policy in place.

An important point need to keep in mind thatfirewalls are not always impenetrable.