Introduction to Public Key Infrastructure (PKI) and Mobile PKI Concept (Pengenalan kepada Prasarana Kekunci Awam (PKI) dan Konsep Mobile PKI) - PowerPoint PPT Presentation

1
Pengenalan kepada Prasarana Kekunci Awam (PKI)
dan Konsep Mobile PKI
Introduction to Public Key Infrastructure (PKI)
and Mobile PKI concept
  • By Ami Azrul bin Abdullah

2
Notes
  • With permission, the content of this presentation
    will be in English for ease of understanding.

3
AGENDA
4
PREAMBLE 1
5
PREAMBLE 2
  • Preservation of Confidentiality, Integrity,
    Availability (CIA)

Confidentiality
Information is observed by or disclosed to only
those who have a right to know.
Availability
Information is available and usable when
required, and the systems that provide it can
resist attacks and recover from failure.
Integrity
Information is accurate and protected from
unauthorized modification.
6
HISTORY OF ENCRYPTION
7
In the beginning
  • The need to encrypt/decrypt messages
  • E.g. Ami Azrul -> gqi18qhoi
  • Creation of Keys
  • Keys are derived from an algorithm/set of formulas
  • At first, a symmetric key is used

8
Next
  • The flaws of symmetric key
  • The Creation of the Asymmetric Key
  • The two keys are not the same, yet interrelated
  • One cannot exist without the other
  • Always termed a key pair: private and public
  • The process done by the private (secret) key can only be
    reversed by the public key (and vice versa)

9
Intermezzo
  • Symmetric: key pairs are the same (encrypt and
    decrypt)
  • Common algorithms: AES, Blowfish, DES, Triple
    DES, Serpent, Twofish
  • Asymmetric: public and private key pairs
  • Common examples: Diffie-Hellman, ECC, RSA


Further reading: http://en.wikipedia.org/wiki/RSA
or http://en.wikipedia.org/wiki/Assymetric_key_cryptography
10
And so..
  • "private key" means the key of a key pair used to
    create a digital signature
  • "public key" means the key of a key pair used to
    verify a digital signature

Definitions from DSA 1997
11
But
  • Keys are only algorithms -> numbers
  • The numbers -> keys are unique
  • Associate identity with keys
  • The birth of the Certification Authority,
    Registration Authority, and of course our
    regulator.

12
PKI IN A NUTSHELL
13
Digital Certificates
  • Electronic counterparts to driver licenses,
    passports, membership cards or any legal
    identification documents
  • Proof of identity when communicating online
  • Contain information about the owner, i.e. Name,
    Public Key, Issuer Name, Validity Date etc.
  • Contain a pair of keys: Private Key and Public Key
14
Digital Certificate Sample
  • a) Identity of the public key owner
  • b) Public Key
  • c) Version Number
  • d) Certificate serial number
  • e) Identity of the issuer
  • f) Validity period
  • g) Extension fields
  • The digital certificate format is defined by
    the CCITT X.509 international standard

15
The story continues..
  • "digital signature" means a transformation of a
    message using an asymmetric cryptosystem such
    that a person having the initial message and the
    signer's public key can accurately determine-
    (a) whether the transformation was created
    using the private key that corresponds to the
    signer's public key; and
    (b) whether the message has been altered since
    the transformation was made"

16
SOME TECHNICAL CONCEPT
The Concept of Digital Certificates - Private
Public Key
CA via RA
17
Asymmetric encryption
[Diagram: clear data ("The quick brown fox jumps over the lazy dog") is encrypted with the receiver's public key into encrypted data ("H88gikp080h6 54gcv.Tgf7676f HF76yt476hTPcs"), which is decrypted back into clear data with the receiver's private (secret) key. The two keys are different.]
  • Suggested for the first time in 1976 by two
    Americans, Diffie and Hellman
  • Only the receiver can decrypt, with his private key
  • Everyone can encrypt with the receiver's public key

18
Digital Signature and authentication
[Diagram: clear data ("The quick brown fox jumps over the lazy dog") is transformed with the sender's private key ($M^e \bmod n$) into encrypted data (but not secret) ("H88gikp080h6 54gcv.Tgf7676f HF76yt476hTPcs"), which is transformed back into clear data with the sender's public key ($R^e \bmod n$).]
  • Private key can be used for encryption
  • Only sender can have generated this message!
  • Used for authentication and digital signatures


19
WHAT DOES PKI FULFILL?
  • Confidentiality
  • Authenticity
  • Integrity
  • Non Repudiation

20
PKI IN MACRO LEVEL
21
(No Transcript)
22
MEDIA FOR CERTIFICATES
Key & Certificates Storage
  • Smart Card incl. MyKad
  • Crypto USB Token
  • Hard / Floppy Disk
  • MOBILE PHONES
23
AND ...
  • Reader / Driver for communication between OS/Devices
  • PKI Agent/Software needed to give card / token
    function. Similar to mobile.
24
MOBILE PKI CONCEPT
25
Background
  • There are more users of smart phones than PCs
  • On-the-go transactions
  • Concept-wise: the user downloads the Agent on a mobile
    phone
  • Android, iOS, Windows and Blackberry

26
Socket Based Connection
  1. User opens the third party's website
  2. User provides the needed info
  3. Third party calls the required function from our
    server.
  4. Our server calls the client side app.
  5. Client side app sends back the result
  6. Our Server sends the result back to the server.
  • The client side (phone/PC) has a two-way
    connection with our server.
  • Third parties can issue a request for an operation
  • Our server will ask the client to do that
    operation
  • Server will send the result back to the third
    party.

27
Socket Based Connection
  • Functions: Encrypt, Verify, Authentication

Mobile GPKI Agent
  • Functions: Sign, Decrypt

[Diagram labels: Third Party Application, Web Service Calling, GPKI Agent Gateway Server, Bidirectional Socket, Mobile GPKI Agent, PC GPKI Agent]
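
The request flow on slides 26 and 27, sketched as an added example (not code from the presentation or from any GPKI product): the agent is the only component holding the private key, the gateway only relays, and the third party verifies the returned signature itself. The class and function names, the in-process calls standing in for the socket and web-service hops, and the toy unpadded RSA key are all assumptions made for illustration.

```python
import hashlib

# Constructed toy RSA key from two Mersenne primes: far too small and
# unpadded, for illustration only. D is private, (E, N) is public.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def digest(message: bytes) -> int:
    """SHA-256 of the message, reduced below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

class Agent:
    """Client-side agent (phone/PC): the private key never leaves it."""
    def __init__(self, private_exponent: int, modulus: int):
        self._d, self._n = private_exponent, modulus

    def handle(self, operation: str, message: bytes) -> int:
        if operation != "sign":          # refuse anything not allow-listed
            raise ValueError("unsupported operation: " + operation)
        return pow(digest(message), self._d, self._n)

class Gateway:
    """Gateway server: relays requests to connected agents, holds no keys."""
    def __init__(self):
        self.agents, self.log = {}, []

    def connect(self, user: str, agent: Agent) -> None:
        self.agents[user] = agent        # stands in for the two-way socket

    def request(self, user: str, operation: str, message: bytes) -> int:
        self.log.append((user, operation))   # audit trail of relayed calls
        return self.agents[user].handle(operation, message)

def verify(message: bytes, signature: int, e: int, n: int) -> bool:
    """Check the signature with the signer's public key only."""
    return pow(signature, e, n) == digest(message)

def third_party_flow(gateway, user, message, public_key):
    """Steps 3-6: ask the gateway for a signature, then verify it locally
    instead of trusting the gateway's answer."""
    signature = gateway.request(user, "sign", message)
    return signature, verify(message, signature, *public_key)

if __name__ == "__main__":
    gw = Gateway()
    gw.connect("alice", Agent(D, N))     # "alice" is a constructed user
    sig, ok = third_party_flow(gw, "alice", b"transfer RM100", (E, N))
    print("signature valid:", ok)
    print("altered message valid:", verify(b"transfer RM900", sig, E, N))
```

In a real deployment the public key would come from the user's X.509 certificate after validating its chain and validity period, and signing would use a standard padded scheme from a vetted library.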
28
Question and Answers
  • THANK YOU