SlideShare una empresa de Scribd logo
1 de 54
Security Everywhere:
Digital Fingerprint, Signature & Certificate
<Fundamental 1>
Paul Yang
Feb 2009
Course Objectives:
• Bring up your awareness of security
• Give you an idea to secure your electronic
life
Agenda
• Security Everywhere
• How to secure our E-life
• Digital Fingerprint (Hash, Digest, Measure)
• Digital Signature
• Digital Certificate with PKI
Our Life
Physical Realm
4
4 Factors of Security
Authentication
Integrity
Non-
repudiation
Privacy Nobody Can Know
Who I Am
It’s Unmodifiable
It’s Undeniable
Security Everywhere
Real life: Sealing wax in Middle Ages
Q1. How to prevent someone from tamperingQ1. How to prevent someone from tampering
your letteryour letter ??
Q1. How to prevent someone from tamperingQ1. How to prevent someone from tampering
your letteryour letter ??
Security Everywhere
Real life: Enigma in World War II
Demo
Flash
Simulator
Security Everywhere
Real life: Crime Scene Investigation (CSI)
Forensic scienceForensic science
Testimony Testimony 
DocumentaryDocumentary
Physical / Real Physical / Real 
Digital Exculpatory Digital Exculpatory 
Scientific DemonstrativeScientific Demonstrative
Eyewitness identificationEyewitness identification
Genetic (DNA) Genetic (DNA) 
LiesLies
Take a look at our electronic
Life
9
Security Everywhere
Challenges
• How to prove the card is forged or not?
 How does bank authenticate your identity?
 How to protect my data won’t be intercepted by bad
guy during data transmission?
 How can merchant prevent customer from denying
his/her order?
 How can I trust the merchant is not bad guy?
Are They Still the Original Data ?
• When you receive files from your friend
– Picture files
– MP3 files
– Video files
– Many others type of files….
• When you download Files from Web
– Utility
– Driver
– Patch
– Picture/music/video.. filesHow Do you Know They Are Original
- No lost, Not Been Hacked, No Virus…..
Fingerprint for Any Digital Data
• What is Human Fingerprint ?
– a unique identification to a
person
– Small but can represent a
person, like a digest
• Is it a way for any digital data?
• a program, a letter, or…
• one byte…. one gigabyte, or …..
Is It Possible ?
Digital Data Just Like Human ?
Yes, We Can !
Message Digest
Variable-length input message to aVariable-length input message to a
fixed-lengthfixed-length
Human Fingerprint
 Virtual uniqueness
Measurement
 Detection ofDetection of genuinenessgenuineness
Digital fingerprint
 a logic process which will
result in a fixed length
unique data value
If there is any single bit
change in the original
data, the result will
change dramatically, so
you’ll notice the change
easily
For example: using MD5
Hash algorithm will always
result in xxx bit data value
Fingerprint HOWTO
Fingerprint Function
Original Message
(Document, E-mail)
fingerprint
 A unique value which can be used
to represent the original data
Demo: PsPad editor
MD5
Fingerprint HOWTOInput Fingerprint
I love you
Fingerprint
MD5
e4f58a805a6e1fd0f6bef58c86f9ceb3
Demo: PsPad editor
MD5
I love yoU
Fingerprint
MD5
8bbe24876210671597572bf075412311
Photo1.jpg
Fingerprint
MD5
8cd5c5a2ab5eea7c649fa0994885fb44
Modified Photo1.jpg
Fingerprint
MD5
dfaa08438c77f924717f6dcac756530f
Fingerprint Algorithms
Message-Digest
Algorithm
Digest Length
(bits)
MD2 128
MD4 128
MD5 128
Secure Hash Algorithm
(SHA)
160
References:
MD2
MD4
MD5
SHA
Hash Function
Ex: Downloading the file (Integrity)
Demo – 1 , 2
Problem: The SW I download can’t be opened! Any way to know
if the file is not modified during network transmission?
Problem: The SW I download can’t be opened! Any way to know
if the file is not modified during network transmission?
Hash Function
Ex: User authentication in OS or ATM
machineProblem:
 can I protect my password during user authentication?
 can I shadow my password in OS to prevent someone from stealing it
Problem:
 can I protect my password during user authentication?
 can I shadow my password in OS to prevent someone from stealing it
Client
Server
Fingerprint Function
ID: PaulID: Paul
Password: ILoveYouPassword: ILoveYou
Login requestLogin request
Account: PaulAccount: Paul
Password:Password: +!3420$
User DB
ID Password
Paul +!3420$
Stephen ss-3&6#
Jack l*^$23w
Account: PaulAccount: Paul
Password:Password: +!3420$
User
Authentication
User
Authentication
Login
successful
Login
successful
Login
successful
Login
successful
Are you sure where they come
from?• When you receive files from your friend
– Picture files
– MP3 files
– Video files
– Many others type of files….
• When you download Files from Web
– Utility
– Driver
– Patch
– Picture/music/video.. files
How can you know where they come
from?
Context (Plaint Text)
Digital signature
Sign
Yes, We Can ! Digital Signatures
A Electronic document to provide Authentication, Integrity
and Non-repudiation but NOT Privacy
Verify
Sender ReceiverSender
How Signature Works?
You must understand “What is key?” first
Encryption DecryptionPlaintext Plaintext
Cipher text
Key Key
Variable value used by cryptographic to produce
encrypted text, or decrypt encrypted text
Variable value used by cryptographic to produce
encrypted text, or decrypt encrypted text
Quiz?
Problem:
I’ve got to remember many passwords for
•My Computer Login
•My ATM PIN
•My Internet Bank
•My Mobile Phone SIM
•My mailbox and MSN
•More…….
Question:
Do you know someplace or someway in which you can secure your
passwords and can check them out easily?
Let’s Practice!Answer:
• Assuming they are four digit numbers (xxxx)
• Write them down in a paper
• Pick up a set of 4 digital number and keep it in your mind, ex. 1234
• Make simple mathematics (Addition +)
Ex. Computer Login: 7622 + 1234 = 8856
ATM PIN: 1285 + 1234 = 2519
Internet Bank: 2247 + 1234 = 3481
• Put them in somewhere you like, (laptop or wallet)
• When you need them, just make simple subtraction (-)
Ex. Computer Login: 8856 - 1234 = 7622
ATM PIN: 2519 - 1234 = 1285
• Even if someone steals your wallet, no one can use those number to
unlock your account.
• Which is the plaint text?
• Which is the cipher text?
• Which is the encryption?
• Which is the decryption?
• Which is the KEY?
• Which is the plaint text?
• Which is the cipher text?
• Which is the encryption?
• Which is the decryption?
• Which is the KEY?
Encryption DecryptionPlaintext Plaintext
Cipher text
Key Key
Encryption is still difficult?
7622 (Login)
8856
(+) addition
(-) Subtraction
1234
Public-Private Key Encryption
• Involves 2 distinct keys – Public, Private.
• The private key is kept secret and never be divulged
• The public key is not secret and can be freely distributed,
shared with anyone.
• It is also called “asymmetric cryptography”.
• Two keys are mathematically related, it is infeasible to derive
the private key from the public key.
Encryption DecryptionPlaintext Plaintext
Ciphertext
Public Key Private Key
Use Public key to encrypt and Private
Key to decrypt!
Hello, Mary
Wanna go out for dinner?
PaulPaul MaryMary
encrypt using Mpublic decrypt using Mprivate
OK, Paul
Fridays or Ruby Tuesday ?
PaulPaul MaryMary
decrypt using Pprivate encrypt using Ppublic
Each individual generates his own key pair
[Public key known to everyone & Private key only to the owner]
Private Key – Used for Signing the document
Public Key – Used for Verifying the signed document
Digital Signatures HOWTO
Use Private key to encrypt (sign) Public
Key to decrypt (verify) !!!
Paul Mary
Data
Fingerprint
Algorithm
Paul
Private
key
Paul
Public
Key
Fingerprint
Algorithm
If fingerprint values
match, data came from
the owner of the private
key and is valid
Digital Signatures HOWTO
Fingerprint
Fingerprint
Fingerprint
Digital signature
Data
Signing Verification
Agenda
• Security Everywhere
• How to secure our E-life
• Hash function (Digest, Figure print)
• Digital Signature
• Digital Certificate with PKI
• VPro Security World
Digital Certificates
• Why we use driver license and ID card?
• Digital Certificate much likes a physical
passport
• A data with digital signature from one trusted
Certification Authority (CA).
• This data contains:
– Who owns this certificate
– Who signed this certificate
– The expired date
– User name & email address
CERTIFICATE
IssuerIssuer
SubjectSubject
IssuerIssuer
DigitalDigital
SignatureSignature
Subject Public KeySubject Public Key
Elements of Digital Cert.• A Digital ID typically contains the following information:
– Your public key, Your name and email address
– Expiration date of the public key, Name of the CA who issued
your Digital ID
Public Key Infrastructure (PKI)
• A Public Key Infrastructure is an
Infrastructure to support and manage Public
Key-based Digital Certificates
• There are 4 major parts in PKI.
– Certification Authority (CA)
– A directory Service
– Services, Banks, Web servers
– Business Users
Certification Authority (CA)
• A trusted agent who certifies public keys (certificate) for
general use (Corporation or Bank).
– User has to decide which CAs can be trusted.
• CA provider:
• Comodo
• DigiCert
• Trustwave
• TURKTRUST
• VeriSign
More ….
PKI Structure
Certification Authority Directory services
User
Services,
Banks,
Webservers
Public/Private Keys
Demonstration…
• Digital Signature & Certificate
– Generate Message Digest [SHA1]  OpenSSL [Option]
– Encrypting Digest using Private Key [Signatures]  OpenSSL [Option]
– Verification of Signatures  OpenSSL [Option]
– Apply your email certificate
– Outlook 2003 case [Multipurpose Internet Mail Extensions MIME]
Security Everywhere
Recap: Challenges
• How to prove the card is forged or not?
 How Server authenticate your identity?How Server authenticate your identity?
 How you transmit your sensitive data ?How you transmit your sensitive data ?
 How to protect my data won’t be intercepted byHow to protect my data won’t be intercepted by
bad guy?bad guy?
 How can merchant avoid customer repudiateHow can merchant avoid customer repudiate
his/her order?his/her order?
 How can I trust the merchant is not bad guy?How can I trust the merchant is not bad guy?
 What’s SSL 128? Is it able to protect my data?What’s SSL 128? Is it able to protect my data?
Digital Fingerprint (Digest, Hash, & Measure)Digital Fingerprint (Digest, Hash, & Measure)
Digital signature (SignDigital signature (Signinging))
Encryption (Public Key, Secret Key)Encryption (Public Key, Secret Key)
Digital Certificate (PKI)Digital Certificate (PKI)
HOWTO Solve ?HOWTO Solve ?
Q&A
• Backup
Why Security Matters?
It’s everywhere, just you don’t know !
Security Everywhere
E-life: E-commerce
Q1. How to protect my data won’t be interceptedQ1. How to protect my data won’t be intercepted
by Bad guy?by Bad guy?
Q1. How to protect my data won’t be interceptedQ1. How to protect my data won’t be intercepted
by Bad guy?by Bad guy?
Q2. How can I trust merchant is not bad guy?Q2. How can I trust merchant is not bad guy?Q2. How can I trust merchant is not bad guy?Q2. How can I trust merchant is not bad guy?
Q3. How can merchant avoid customer repudiateQ3. How can merchant avoid customer repudiate
his/her order?his/her order?
Q3. How can merchant avoid customer repudiateQ3. How can merchant avoid customer repudiate
his/her order?his/her order?
Security Everywhere
E-life: E-commerce
httpshttps
SSL 128SSL 128
Credit card infoCredit card info
Q1. What’s SSL 128bit ?Q1. What’s SSL 128bit ?
Q2. Why / How can it protect my credit info?Q2. Why / How can it protect my credit info?
Q1. What’s SSL 128bit ?Q1. What’s SSL 128bit ?
Q2. Why / How can it protect my credit info?Q2. Why / How can it protect my credit info?
Security Everywhere
Storing the password in OS, ATM machine
Problem:
can I shadow my password in OS to prevent someone from stealing it
can I protect my password during user authentication?
roblem:
can I shadow my password in OS to prevent someone from stealing it
can I protect my password during user authentication?
Plaintext
Key length
• It is the number of bits (bytes) in the key.
• A 2-bit key has four values
– 00, 01, 10, 11 in its key space
• A key of length “n” has a key space of 2^n distinct values.
• E.g. the key is 128 bits
– 101010101010….10010101111111
– There are 2^128 combinations
– 340 282 366 920 938 463 463 374 607 431 768 211 456
How difficult to crack a key?
Key
Length
Individual
Attacker
Small
Group
Academic
Network
Large Company Military Inteligence
Agency
40 Weeks Days Hours Milliseconds Microseconds
56 Centuries Decades Years Hours Seconds
64 Millennia Centuries Decades Days Minutes
80 Infeasible Infeasible Infeasible Centuries Centuries
128 Infeasible Infeasible Infeasible Infeasible Millennia
Attacker Computer Resources Keys /
Second
Individual attacker One high-performance desktop machine & Software 2^17 – 2^24
Small group 16 high-end machines & Software 2^21 – 2^24
Academic Network 256 high-end machines & Software 2^25 – 2^28
Large company $1,000,000 hardware budget 2^43
Military Intelligence
agency
$1,000,000 hardware budget + advanced technology 2^55
Secret-key Encryption
• Use a secret key to encrypt a message into
ciphertext.
• In AMT provision, we call it Pre-Shared Key (PSK)
• Use the same key to decrypt the ciphertext to the
original message.
• Also called “Symmetric cryptography”.
Encryption DecryptionPlaintext Plaintext
Ciphertext
Secret Key Secret Key
Secret-Key algorithms
Algorithm Name Key Length
(bits)
Blowfish Up to 448
DES 56
IDEA 128
RC2 Up to 2048
RC4 Up to 2048
RC5 Up to 2048
Triple DES 192
References:
Blowfish
DES
IDEA
RC2
RC4
RC5
DES-3
Digital CertificateDigital Certificate
• How are Digital Certificates Issued?How are Digital Certificates Issued?
• Who is issuing them?Who is issuing them?
• Why should I Trust the Certificate Issuer?Why should I Trust the Certificate Issuer?
• How can I check if a Certificate is valid?How can I check if a Certificate is valid?
• How can I revoke a Certificate?How can I revoke a Certificate?
• Who is revoking Certificates?Who is revoking Certificates?
ProblemsProblems
Moving towards PKI …Moving towards PKI …
Public Key Algorithms
Algorithm Name Key Length (bits)
DSA Up to 448
El Gamal 56
RSA 128
Diffie-Hellman Up to 2048
References:
DSA
El Gamal
RSA
Diffie-Hellman
CERTIFICATE
Digital CertificateDigital Certificate
IssuerIssuer
SubjectSubject
IssuerIssuer
DigitalDigital
SignatureSignature
Subject Public KeySubject Public Key
Message-Digest Algorithms
Message-Digest
Algorithm
Digest Length
(bits)
MD2 128
MD4 128
MD5 128
Secure Hash Algorithm
(SHA)
160
References:
MD2
MD4
MD5
SHA
OK, Paul
Fridays or Ruby Tuesday ?
PaulPaul MaryMary
decrypt using Pprivate encrypt using Ppublic
Security Everywhere
Our life: Passport
Q1. How to know it’s a official passport?Q1. How to know it’s a official passport?Q1. How to know it’s a official passport?Q1. How to know it’s a official passport?
Q2. How to prove the passport belongs to you?Q2. How to prove the passport belongs to you?Q2. How to prove the passport belongs to you?Q2. How to prove the passport belongs to you?
Security Everywhere
Real life: Passport
Photographic
Micro-lettering Lines
Micro Letters
Watermark
Laser-perforation
Hash Function
Ex: Storing the password in OS, ATM machine
Client
Server
Hash Function
ID: PaulID: Paul
Password: ILoveYouPassword: ILoveYou
Login requestLogin request
Account: PaulAccount: Paul
Password:Password: +!3420$
User DB
ID Password
Paul +!3420$
Stephen ss-3&6#
Wang l*^$23w
Account: PaulAccount: Paul
Password:Password: +!3420$
User
Authentication
User
Authentication
Login
successful
Login
successful
Login
successful
Login
successful
How Signature Works?
You must understand “What is key?” first
Encryption DecryptionPlaintext Plaintext
Cipher text
Key Key
The length of the key reflects the difficulty to
decrypt from the encrypted message
The length of the key reflects the difficulty to
decrypt from the encrypted message
Variable value used by cryptographic to produce
encrypted text, or decrypt encrypted text
Variable value used by cryptographic to produce
encrypted text, or decrypt encrypted text

Más contenido relacionado

La actualidad más candente

La actualidad más candente (19)

Digital Signiture
Digital SignitureDigital Signiture
Digital Signiture
 
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
 
Digital signature
Digital  signatureDigital  signature
Digital signature
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overview
 
DIGITAL SIGNATURE
DIGITAL SIGNATUREDIGITAL SIGNATURE
DIGITAL SIGNATURE
 
114 120
114 120114 120
114 120
 
Module 21 (cryptography)
Module 21 (cryptography)Module 21 (cryptography)
Module 21 (cryptography)
 
CGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption MechanismCGI White Paper - Key Incryption Mechanism
CGI White Paper - Key Incryption Mechanism
 
Networksecurity1 1
Networksecurity1 1 Networksecurity1 1
Networksecurity1 1
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
Analysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network SecurityAnalysis of Cryptographic Algorithms for Network Security
Analysis of Cryptographic Algorithms for Network Security
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 
Em24873876
Em24873876Em24873876
Em24873876
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pki
 
Iss lecture 5
Iss lecture 5Iss lecture 5
Iss lecture 5
 

Destacado

Paul presentation P2P Chord v1
Paul presentation P2P Chord v1Paul presentation P2P Chord v1
Paul presentation P2P Chord v1Paul Yang
 
Web query expansion based on association rules mining with e hownet and googl...
Web query expansion based on association rules mining with e hownet and googl...Web query expansion based on association rules mining with e hownet and googl...
Web query expansion based on association rules mining with e hownet and googl...Paul Yang
 
天使基金調查及申請 - 以國發基金為例
天使基金調查及申請 - 以國發基金為例 天使基金調查及申請 - 以國發基金為例
天使基金調查及申請 - 以國發基金為例 Paul Yang
 
Mitigating routing misbehavior in mobile ad hoc networks
Mitigating routing misbehavior in mobile ad hoc networks Mitigating routing misbehavior in mobile ad hoc networks
Mitigating routing misbehavior in mobile ad hoc networks Paul Yang
 
27 nov16 wu_as_need_for_institutional_strengthening
27 nov16 wu_as_need_for_institutional_strengthening27 nov16 wu_as_need_for_institutional_strengthening
27 nov16 wu_as_need_for_institutional_strengtheningIWRS Society
 
CdeCluismuñizactividad1.2
CdeCluismuñizactividad1.2CdeCluismuñizactividad1.2
CdeCluismuñizactividad1.2Eduardo Carranza
 
Planning and Goal Setting
Planning and Goal Setting Planning and Goal Setting
Planning and Goal Setting smarrone
 
Modulo v actividad 3 materiales didacticos copia
Modulo v actividad 3 materiales didacticos   copiaModulo v actividad 3 materiales didacticos   copia
Modulo v actividad 3 materiales didacticos copiaReyni Rallp
 
2016-09-29 GS1 Session Slides
2016-09-29 GS1 Session Slides2016-09-29 GS1 Session Slides
2016-09-29 GS1 Session SlidesMichael Solomon
 
proyecto de vida Jocelyn Morales
proyecto de vida Jocelyn Moralesproyecto de vida Jocelyn Morales
proyecto de vida Jocelyn MoralesJoss Morales
 
Resume JC Montero - Copy
Resume JC Montero - CopyResume JC Montero - Copy
Resume JC Montero - CopyJun Montero
 
Warehouse scale computing - Dive into the detail
Warehouse scale computing - Dive into the detail Warehouse scale computing - Dive into the detail
Warehouse scale computing - Dive into the detail Paul Yang
 
CdeCluismuñizactividad3.2
CdeCluismuñizactividad3.2CdeCluismuñizactividad3.2
CdeCluismuñizactividad3.2Eduardo Carranza
 
BASF conference call Q3 2016 speech
BASF conference call Q3 2016 speechBASF conference call Q3 2016 speech
BASF conference call Q3 2016 speechBASF
 
Diapositivas la-celula (1)
Diapositivas la-celula (1)Diapositivas la-celula (1)
Diapositivas la-celula (1)Gabriela Pedraza
 
Nodes bearing grudges
Nodes bearing grudgesNodes bearing grudges
Nodes bearing grudgesPaul Yang
 

Destacado (20)

Paul presentation P2P Chord v1
Paul presentation P2P Chord v1Paul presentation P2P Chord v1
Paul presentation P2P Chord v1
 
Web query expansion based on association rules mining with e hownet and googl...
Web query expansion based on association rules mining with e hownet and googl...Web query expansion based on association rules mining with e hownet and googl...
Web query expansion based on association rules mining with e hownet and googl...
 
天使基金調查及申請 - 以國發基金為例
天使基金調查及申請 - 以國發基金為例 天使基金調查及申請 - 以國發基金為例
天使基金調查及申請 - 以國發基金為例
 
Mitigating routing misbehavior in mobile ad hoc networks
Mitigating routing misbehavior in mobile ad hoc networks Mitigating routing misbehavior in mobile ad hoc networks
Mitigating routing misbehavior in mobile ad hoc networks
 
27 nov16 wu_as_need_for_institutional_strengthening
27 nov16 wu_as_need_for_institutional_strengthening27 nov16 wu_as_need_for_institutional_strengthening
27 nov16 wu_as_need_for_institutional_strengthening
 
Professional School Cleaners Of Sydney
Professional School Cleaners Of SydneyProfessional School Cleaners Of Sydney
Professional School Cleaners Of Sydney
 
Doctor
DoctorDoctor
Doctor
 
CdeCluismuñizactividad1.2
CdeCluismuñizactividad1.2CdeCluismuñizactividad1.2
CdeCluismuñizactividad1.2
 
Planning and Goal Setting
Planning and Goal Setting Planning and Goal Setting
Planning and Goal Setting
 
Modulo v actividad 3 materiales didacticos copia
Modulo v actividad 3 materiales didacticos   copiaModulo v actividad 3 materiales didacticos   copia
Modulo v actividad 3 materiales didacticos copia
 
2016-09-29 GS1 Session Slides
2016-09-29 GS1 Session Slides2016-09-29 GS1 Session Slides
2016-09-29 GS1 Session Slides
 
Articles for pr
Articles for prArticles for pr
Articles for pr
 
proyecto de vida Jocelyn Morales
proyecto de vida Jocelyn Moralesproyecto de vida Jocelyn Morales
proyecto de vida Jocelyn Morales
 
Michailidis_Nimfopoulos_et_al._1997
Michailidis_Nimfopoulos_et_al._1997Michailidis_Nimfopoulos_et_al._1997
Michailidis_Nimfopoulos_et_al._1997
 
Resume JC Montero - Copy
Resume JC Montero - CopyResume JC Montero - Copy
Resume JC Montero - Copy
 
Warehouse scale computing - Dive into the detail
Warehouse scale computing - Dive into the detail Warehouse scale computing - Dive into the detail
Warehouse scale computing - Dive into the detail
 
CdeCluismuñizactividad3.2
CdeCluismuñizactividad3.2CdeCluismuñizactividad3.2
CdeCluismuñizactividad3.2
 
BASF conference call Q3 2016 speech
BASF conference call Q3 2016 speechBASF conference call Q3 2016 speech
BASF conference call Q3 2016 speech
 
Diapositivas la-celula (1)
Diapositivas la-celula (1)Diapositivas la-celula (1)
Diapositivas la-celula (1)
 
Nodes bearing grudges
Nodes bearing grudgesNodes bearing grudges
Nodes bearing grudges
 

Similar a Security everywhere digital signature and digital fingerprint v1 (personal)

enkripsi and authentication
enkripsi and authenticationenkripsi and authentication
enkripsi and authenticationahmad amiruddin
 
Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Nicholas Davis
 
Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...Nicholas Davis
 
Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...Nicholas Davis
 
Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Nicholas Davis
 
Digital signatures - A mathematical scheme for demonstrating the authenticity...
Digital signatures - A mathematical scheme for demonstrating the authenticity...Digital signatures - A mathematical scheme for demonstrating the authenticity...
Digital signatures - A mathematical scheme for demonstrating the authenticity...Bitcoin Association of Australia
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography FundamentalsDuy Do Phan
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyGabor Szathmari
 
PBU-Intro_to_PGP
PBU-Intro_to_PGPPBU-Intro_to_PGP
PBU-Intro_to_PGPauremoser
 
What is digital signature or DSC
What is digital signature or DSCWhat is digital signature or DSC
What is digital signature or DSCAdv Prashant Mali
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2Olle E Johansson
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoJohn Bambenek
 

Similar a Security everywhere digital signature and digital fingerprint v1 (personal) (20)

enkripsi and authentication
enkripsi and authenticationenkripsi and authentication
enkripsi and authentication
 
Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...
 
Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki &amp; Personal Digital Certificates, The Key To Securing Sensitive Electr...
 
Marco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overviewMarco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overview
 
Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki &amp; Personal Digital Certificates, Securing Sensitive Electronic Commun...
 
Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastech
 
PGP.ppt
PGP.pptPGP.ppt
PGP.ppt
 
How encryption works
How encryption worksHow encryption works
How encryption works
 
Digital signatures - A mathematical scheme for demonstrating the authenticity...
Digital signatures - A mathematical scheme for demonstrating the authenticity...Digital signatures - A mathematical scheme for demonstrating the authenticity...
Digital signatures - A mathematical scheme for demonstrating the authenticity...
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
 
PBU-Intro_to_PGP
PBU-Intro_to_PGPPBU-Intro_to_PGP
PBU-Intro_to_PGP
 
What is digital signature or DSC
What is digital signature or DSCWhat is digital signature or DSC
What is digital signature or DSC
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
 
Whatisdigitalsignature
WhatisdigitalsignatureWhatisdigitalsignature
Whatisdigitalsignature
 
Whatisdigitalsignature
WhatisdigitalsignatureWhatisdigitalsignature
Whatisdigitalsignature
 

Más de Paul Yang

release_python_day4_slides_201606_1.pdf
release_python_day4_slides_201606_1.pdfrelease_python_day4_slides_201606_1.pdf
release_python_day4_slides_201606_1.pdfPaul Yang
 
release_python_day3_slides_201606.pdf
release_python_day3_slides_201606.pdfrelease_python_day3_slides_201606.pdf
release_python_day3_slides_201606.pdfPaul Yang
 
release_python_day1_slides_201606.pdf
release_python_day1_slides_201606.pdfrelease_python_day1_slides_201606.pdf
release_python_day1_slides_201606.pdfPaul Yang
 
release_python_day2_slides_201606.pdf
release_python_day2_slides_201606.pdfrelease_python_day2_slides_201606.pdf
release_python_day2_slides_201606.pdfPaul Yang
 
RHEL5 XEN HandOnTraining_v0.4.pdf
RHEL5 XEN HandOnTraining_v0.4.pdfRHEL5 XEN HandOnTraining_v0.4.pdf
RHEL5 XEN HandOnTraining_v0.4.pdfPaul Yang
 
Intel® AT-d Validation Overview v0_3.pdf
Intel® AT-d Validation Overview v0_3.pdfIntel® AT-d Validation Overview v0_3.pdf
Intel® AT-d Validation Overview v0_3.pdfPaul Yang
 
HP Performance Tracking ADK_part1.pdf
HP Performance Tracking ADK_part1.pdfHP Performance Tracking ADK_part1.pdf
HP Performance Tracking ADK_part1.pdfPaul Yang
 
HP Performance Tracking ADK part2.pdf
HP Performance Tracking ADK part2.pdfHP Performance Tracking ADK part2.pdf
HP Performance Tracking ADK part2.pdfPaul Yang
 
Determination of Repro Rates 20140724.pdf
Determination of Repro Rates 20140724.pdfDetermination of Repro Rates 20140724.pdf
Determination of Repro Rates 20140724.pdfPaul Yang
 
Debug ADK performance issue 20140729.pdf
Debug ADK performance issue 20140729.pdfDebug ADK performance issue 20140729.pdf
Debug ADK performance issue 20140729.pdfPaul Yang
 
A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...
A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...
A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...Paul Yang
 
A brief study on bottlenecks to Intel vs. Acer v0.1.pdf
A brief study on bottlenecks to Intel vs. Acer v0.1.pdfA brief study on bottlenecks to Intel vs. Acer v0.1.pdf
A brief study on bottlenecks to Intel vs. Acer v0.1.pdfPaul Yang
 
出租店系統_楊曜年_林宏庭_OOD.pdf
出租店系統_楊曜年_林宏庭_OOD.pdf出租店系統_楊曜年_林宏庭_OOD.pdf
出租店系統_楊曜年_林宏庭_OOD.pdfPaul Yang
 
Arm Neoverse market update_05122020.pdf
Arm Neoverse market update_05122020.pdfArm Neoverse market update_05122020.pdf
Arm Neoverse market update_05122020.pdfPaul Yang
 
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdf
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdfBuilding PoC ready ODM Platforms with Arm SystemReady v5.2.pdf
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdfPaul Yang
 
Agile & Secure SDLC
Agile & Secure SDLCAgile & Secure SDLC
Agile & Secure SDLCPaul Yang
 
Routing Security and Authentication Mechanism for Mobile Ad Hoc Networks
Routing Security and Authentication Mechanism for Mobile Ad Hoc NetworksRouting Security and Authentication Mechanism for Mobile Ad Hoc Networks
Routing Security and Authentication Mechanism for Mobile Ad Hoc Networks Paul Yang
 
Clients developing_chunghwa telecom
Clients developing_chunghwa telecomClients developing_chunghwa telecom
Clients developing_chunghwa telecomPaul Yang
 
English teaching in icebreaker and grammar analysis
English teaching in icebreaker and grammar analysisEnglish teaching in icebreaker and grammar analysis
English teaching in icebreaker and grammar analysisPaul Yang
 
Study mapapi v0.1
Study mapapi v0.1Study mapapi v0.1
Study mapapi v0.1Paul Yang
 

Más de Paul Yang (20)

release_python_day4_slides_201606_1.pdf
release_python_day4_slides_201606_1.pdfrelease_python_day4_slides_201606_1.pdf
release_python_day4_slides_201606_1.pdf
 
release_python_day3_slides_201606.pdf
release_python_day3_slides_201606.pdfrelease_python_day3_slides_201606.pdf
release_python_day3_slides_201606.pdf
 
release_python_day1_slides_201606.pdf
release_python_day1_slides_201606.pdfrelease_python_day1_slides_201606.pdf
release_python_day1_slides_201606.pdf
 
release_python_day2_slides_201606.pdf
release_python_day2_slides_201606.pdfrelease_python_day2_slides_201606.pdf
release_python_day2_slides_201606.pdf
 
RHEL5 XEN HandOnTraining_v0.4.pdf
RHEL5 XEN HandOnTraining_v0.4.pdfRHEL5 XEN HandOnTraining_v0.4.pdf
RHEL5 XEN HandOnTraining_v0.4.pdf
 
Intel® AT-d Validation Overview v0_3.pdf
Intel® AT-d Validation Overview v0_3.pdfIntel® AT-d Validation Overview v0_3.pdf
Intel® AT-d Validation Overview v0_3.pdf
 
HP Performance Tracking ADK_part1.pdf
HP Performance Tracking ADK_part1.pdfHP Performance Tracking ADK_part1.pdf
HP Performance Tracking ADK_part1.pdf
 
HP Performance Tracking ADK part2.pdf
HP Performance Tracking ADK part2.pdfHP Performance Tracking ADK part2.pdf
HP Performance Tracking ADK part2.pdf
 
Determination of Repro Rates 20140724.pdf
Determination of Repro Rates 20140724.pdfDetermination of Repro Rates 20140724.pdf
Determination of Repro Rates 20140724.pdf
 
Debug ADK performance issue 20140729.pdf
Debug ADK performance issue 20140729.pdfDebug ADK performance issue 20140729.pdf
Debug ADK performance issue 20140729.pdf
 
A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...
A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...
A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks...
 
A brief study on bottlenecks to Intel vs. Acer v0.1.pdf
A brief study on bottlenecks to Intel vs. Acer v0.1.pdfA brief study on bottlenecks to Intel vs. Acer v0.1.pdf
A brief study on bottlenecks to Intel vs. Acer v0.1.pdf
 
出租店系統_楊曜年_林宏庭_OOD.pdf
出租店系統_楊曜年_林宏庭_OOD.pdf出租店系統_楊曜年_林宏庭_OOD.pdf
出租店系統_楊曜年_林宏庭_OOD.pdf
 
Arm Neoverse market update_05122020.pdf
Arm Neoverse market update_05122020.pdfArm Neoverse market update_05122020.pdf
Arm Neoverse market update_05122020.pdf
 
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdf
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdfBuilding PoC ready ODM Platforms with Arm SystemReady v5.2.pdf
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdf
 
Agile & Secure SDLC
Agile & Secure SDLCAgile & Secure SDLC
Agile & Secure SDLC
 
Routing Security and Authentication Mechanism for Mobile Ad Hoc Networks
Routing Security and Authentication Mechanism for Mobile Ad Hoc NetworksRouting Security and Authentication Mechanism for Mobile Ad Hoc Networks
Routing Security and Authentication Mechanism for Mobile Ad Hoc Networks
 
Clients developing_chunghwa telecom
Clients developing_chunghwa telecomClients developing_chunghwa telecom
Clients developing_chunghwa telecom
 
English teaching in icebreaker and grammar analysis
English teaching in icebreaker and grammar analysisEnglish teaching in icebreaker and grammar analysis
English teaching in icebreaker and grammar analysis
 
Study mapapi v0.1
Study mapapi v0.1Study mapapi v0.1
Study mapapi v0.1
 

Último

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 

Último (20)

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 

Security everywhere digital signature and digital fingerprint v1 (personal)

  • 1. Security Everywhere: Digital Fingerprint, Signature & Certificate <Fundamental 1> Paul Yang Feb 2009
  • 2. Course Objectives: • Bring up your awareness of security • Give you an idea to secure your electronic life
  • 3. Agenda • Security Everywhere • How to secure our E-life • Digital Fingerprint (Hash, Digest, Measure) • Digital Signature • Digital Certificate with PKI
  • 5. 4 Factors of Security Authentication Integrity Non- repudiation Privacy Nobody Can Know Who I Am It’s Unmodifiable It’s Undeniable
  • 6. Security Everywhere Real life: Sealing wax in Middle Ages Q1. How to prevent someone from tamperingQ1. How to prevent someone from tampering your letteryour letter ?? Q1. How to prevent someone from tamperingQ1. How to prevent someone from tampering your letteryour letter ??
  • 7. Security Everywhere Real life: Enigma in World War II Demo Flash Simulator
  • 8. Security Everywhere Real life: Crime Scene Investigation (CSI) Forensic scienceForensic science Testimony Testimony  DocumentaryDocumentary Physical / Real Physical / Real  Digital Exculpatory Digital Exculpatory  Scientific DemonstrativeScientific Demonstrative Eyewitness identificationEyewitness identification Genetic (DNA) Genetic (DNA)  LiesLies
  • 9. Take a look at our electronic Life 9
  • 10. Security Everywhere Challenges • How to prove the card is forged or not?  How does bank authenticate your identity?  How to protect my data won’t be intercepted by bad guy during data transmission?  How can merchant prevent customer from denying his/her order?  How can I trust the merchant is not bad guy?
  • 11. Are They Still the Original Data ? • When you receive files from your friend – Picture files – MP3 files – Video files – Many others type of files…. • When you download Files from Web – Utility – Driver – Patch – Picture/music/video.. filesHow Do you Know They Are Original - No lost, Not Been Hacked, No Virus…..
  • 12. Fingerprint for Any Digital Data • What is Human Fingerprint ? – a unique identification to a person – Small but can represent a person, like a digest • Is it a way for any digital data? • a program, a letter, or… • one byte…. one gigabyte, or ….. Is It Possible ? Digital Data Just Like Human ?
  • 13. Yes, We Can ! Message Digest Variable-length input message to aVariable-length input message to a fixed-lengthfixed-length Human Fingerprint  Virtual uniqueness Measurement  Detection ofDetection of genuinenessgenuineness Digital fingerprint  a logic process which will result in a fixed length unique data value If there is any single bit change in the original data, the result will change dramatically, so you’ll notice the change easily For example: using MD5 Hash algorithm will always result in xxx bit data value
  • 14. Fingerprint HOWTO Fingerprint Function Original Message (Document, E-mail) fingerprint  A unique value which can be used to represent the original data Demo: PsPad editor MD5
  • 15. Fingerprint HOWTOInput Fingerprint I love you Fingerprint MD5 e4f58a805a6e1fd0f6bef58c86f9ceb3 Demo: PsPad editor MD5 I love yoU Fingerprint MD5 8bbe24876210671597572bf075412311 Photo1.jpg Fingerprint MD5 8cd5c5a2ab5eea7c649fa0994885fb44 Modified Photo1.jpg Fingerprint MD5 dfaa08438c77f924717f6dcac756530f
  • 16. Fingerprint Algorithms Message-Digest Algorithm Digest Length (bits) MD2 128 MD4 128 MD5 128 Secure Hash Algorithm (SHA) 160 References: MD2 MD4 MD5 SHA
  • 17. Hash Function Ex: Downloading the file (Integrity) Demo – 1 , 2 Problem: The SW I download can’t be opened! Any way to know if the file is not modified during network transmission? Problem: The SW I download can’t be opened! Any way to know if the file is not modified during network transmission?
  • 18. Hash Function Ex: User authentication in OS or ATM machineProblem:  can I protect my password during user authentication?  can I shadow my password in OS to prevent someone from stealing it Problem:  can I protect my password during user authentication?  can I shadow my password in OS to prevent someone from stealing it Client Server Fingerprint Function ID: PaulID: Paul Password: ILoveYouPassword: ILoveYou Login requestLogin request Account: PaulAccount: Paul Password:Password: +!3420$ User DB ID Password Paul +!3420$ Stephen ss-3&6# Jack l*^$23w Account: PaulAccount: Paul Password:Password: +!3420$ User Authentication User Authentication Login successful Login successful Login successful Login successful
  • 19. Are you sure where they come from?• When you receive files from your friend – Picture files – MP3 files – Video files – Many others type of files…. • When you download Files from Web – Utility – Driver – Patch – Picture/music/video.. files How can you know where they come from?
  • 20. Context (Plaint Text) Digital signature Sign Yes, We Can ! Digital Signatures A Electronic document to provide Authentication, Integrity and Non-repudiation but NOT Privacy Verify Sender ReceiverSender
  • 21. How Signature Works? You must understand “What is key?” first Encryption DecryptionPlaintext Plaintext Cipher text Key Key Variable value used by cryptographic to produce encrypted text, or decrypt encrypted text Variable value used by cryptographic to produce encrypted text, or decrypt encrypted text
  • 22. Quiz? Problem: I’ve got to remember many passwords for •My Computer Login •My ATM PIN •My Internet Bank •My Mobile Phone SIM •My mailbox and MSN •More……. Question: Do you know someplace or someway in which you can secure your passwords and can check them out easily?
  • 23. Let’s Practice!Answer: • Assuming they are four digit numbers (xxxx) • Write them down in a paper • Pick up a set of 4 digital number and keep it in your mind, ex. 1234 • Make simple mathematics (Addition +) Ex. Computer Login: 7622 + 1234 = 8856 ATM PIN: 1285 + 1234 = 2519 Internet Bank: 2247 + 1234 = 3481 • Put them in somewhere you like, (laptop or wallet) • When you need them, just make simple subtraction (-) Ex. Computer Login: 8856 - 1234 = 7622 ATM PIN: 2519 - 1234 = 1285 • Even if someone steals your wallet, no one can use those number to unlock your account. • Which is the plaint text? • Which is the cipher text? • Which is the encryption? • Which is the decryption? • Which is the KEY? • Which is the plaint text? • Which is the cipher text? • Which is the encryption? • Which is the decryption? • Which is the KEY? Encryption DecryptionPlaintext Plaintext Cipher text Key Key Encryption is still difficult? 7622 (Login) 8856 (+) addition (-) Subtraction 1234
  • 24. Public-Private Key Encryption • Involves 2 distinct keys – Public, Private. • The private key is kept secret and never be divulged • The public key is not secret and can be freely distributed, shared with anyone. • It is also called “asymmetric cryptography”. • Two keys are mathematically related, it is infeasible to derive the private key from the public key. Encryption DecryptionPlaintext Plaintext Ciphertext Public Key Private Key Use Public key to encrypt and Private Key to decrypt!
  • 25. Hello, Mary Wanna go out for dinner? PaulPaul MaryMary encrypt using Mpublic decrypt using Mprivate OK, Paul Fridays or Ruby Tuesday ? PaulPaul MaryMary decrypt using Pprivate encrypt using Ppublic
  • 26. Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for Signing the document Public Key – Used for Verifying the signed document Digital Signatures HOWTO Use Private key to encrypt (sign) Public Key to decrypt (verify) !!!
  • 27. Paul Mary Data Fingerprint Algorithm Paul Private key Paul Public Key Fingerprint Algorithm If fingerprint values match, data came from the owner of the private key and is valid Digital Signatures HOWTO Fingerprint Fingerprint Fingerprint Digital signature Data Signing Verification
  • 28. Agenda • Security Everywhere • How to secure our E-life • Hash function (Digest, Figure print) • Digital Signature • Digital Certificate with PKI • VPro Security World
  • 29. Digital Certificates • Why we use driver license and ID card? • Digital Certificate much likes a physical passport • A data with digital signature from one trusted Certification Authority (CA). • This data contains: – Who owns this certificate – Who signed this certificate – The expired date – User name & email address CERTIFICATE IssuerIssuer SubjectSubject IssuerIssuer DigitalDigital SignatureSignature Subject Public KeySubject Public Key
  • 30. Elements of Digital Cert.• A Digital ID typically contains the following information: – Your public key, Your name and email address – Expiration date of the public key, Name of the CA who issued your Digital ID
  • 31. Public Key Infrastructure (PKI) • A Public Key Infrastructure is an Infrastructure to support and manage Public Key-based Digital Certificates • There are 4 major parts in PKI. – Certification Authority (CA) – A directory Service – Services, Banks, Web servers – Business Users
  • 32. Certification Authority (CA) • A trusted agent who certifies public keys (certificate) for general use (Corporation or Bank). – User has to decide which CAs can be trusted. • CA provider: • Comodo • DigiCert • Trustwave • TURKTRUST • VeriSign More ….
  • 33. PKI Structure Certification Authority Directory services User Services, Banks, Webservers Public/Private Keys
  • 34. Demonstration… • Digital Signature & Certificate – Generate Message Digest [SHA1]  OpenSSL [Option] – Encrypting Digest using Private Key [Signatures]  OpenSSL [Option] – Verification of Signatures  OpenSSL [Option] – Apply your email certificate – Outlook 2003 case [Multipurpose Internet Mail Extensions MIME]
  • 35. Security Everywhere Recap: Challenges • How to prove the card is forged or not?  How Server authenticate your identity?How Server authenticate your identity?  How you transmit your sensitive data ?How you transmit your sensitive data ?  How to protect my data won’t be intercepted byHow to protect my data won’t be intercepted by bad guy?bad guy?  How can merchant avoid customer repudiateHow can merchant avoid customer repudiate his/her order?his/her order?  How can I trust the merchant is not bad guy?How can I trust the merchant is not bad guy?  What’s SSL 128? Is it able to protect my data?What’s SSL 128? Is it able to protect my data? Digital Fingerprint (Digest, Hash, & Measure)Digital Fingerprint (Digest, Hash, & Measure) Digital signature (SignDigital signature (Signinging)) Encryption (Public Key, Secret Key)Encryption (Public Key, Secret Key) Digital Certificate (PKI)Digital Certificate (PKI) HOWTO Solve ?HOWTO Solve ?
  • 36. Q&A
  • 38. Why Security Matters? It’s everywhere, just you don’t know !
  • 39. Security Everywhere E-life: E-commerce Q1. How to protect my data won’t be interceptedQ1. How to protect my data won’t be intercepted by Bad guy?by Bad guy? Q1. How to protect my data won’t be interceptedQ1. How to protect my data won’t be intercepted by Bad guy?by Bad guy? Q2. How can I trust merchant is not bad guy?Q2. How can I trust merchant is not bad guy?Q2. How can I trust merchant is not bad guy?Q2. How can I trust merchant is not bad guy? Q3. How can merchant avoid customer repudiateQ3. How can merchant avoid customer repudiate his/her order?his/her order? Q3. How can merchant avoid customer repudiateQ3. How can merchant avoid customer repudiate his/her order?his/her order?
  • 40. Security Everywhere E-life: E-commerce httpshttps SSL 128SSL 128 Credit card infoCredit card info Q1. What’s SSL 128bit ?Q1. What’s SSL 128bit ? Q2. Why / How can it protect my credit info?Q2. Why / How can it protect my credit info? Q1. What’s SSL 128bit ?Q1. What’s SSL 128bit ? Q2. Why / How can it protect my credit info?Q2. Why / How can it protect my credit info?
  • 41. Security Everywhere Storing the password in OS, ATM machine Problem: can I shadow my password in OS to prevent someone from stealing it can I protect my password during user authentication? roblem: can I shadow my password in OS to prevent someone from stealing it can I protect my password during user authentication? Plaintext
  • 42. Key length • It is the number of bits (bytes) in the key. • A 2-bit key has four values – 00, 01, 10, 11 in its key space • A key of length “n” has a key space of 2^n distinct values. • E.g. the key is 128 bits – 101010101010….10010101111111 – There are 2^128 combinations – 340 282 366 920 938 463 463 374 607 431 768 211 456
  • 43. How difficult to crack a key? Key Length Individual Attacker Small Group Academic Network Large Company Military Inteligence Agency 40 Weeks Days Hours Milliseconds Microseconds 56 Centuries Decades Years Hours Seconds 64 Millennia Centuries Decades Days Minutes 80 Infeasible Infeasible Infeasible Centuries Centuries 128 Infeasible Infeasible Infeasible Infeasible Millennia Attacker Computer Resources Keys / Second Individual attacker One high-performance desktop machine & Software 2^17 – 2^24 Small group 16 high-end machines & Software 2^21 – 2^24 Academic Network 256 high-end machines & Software 2^25 – 2^28 Large company $1,000,000 hardware budget 2^43 Military Intelligence agency $1,000,000 hardware budget + advanced technology 2^55
  • 44. Secret-key Encryption • Use a secret key to encrypt a message into ciphertext. • In AMT provision, we call it Pre-Shared Key (PSK) • Use the same key to decrypt the ciphertext to the original message. • Also called “Symmetric cryptography”. Encryption DecryptionPlaintext Plaintext Ciphertext Secret Key Secret Key
  • 45. Secret-Key algorithms Algorithm Name Key Length (bits) Blowfish Up to 448 DES 56 IDEA 128 RC2 Up to 2048 RC4 Up to 2048 RC5 Up to 2048 Triple DES 192 References: Blowfish DES IDEA RC2 RC4 RC5 DES-3
  • 46. Digital CertificateDigital Certificate • How are Digital Certificates Issued?How are Digital Certificates Issued? • Who is issuing them?Who is issuing them? • Why should I Trust the Certificate Issuer?Why should I Trust the Certificate Issuer? • How can I check if a Certificate is valid?How can I check if a Certificate is valid? • How can I revoke a Certificate?How can I revoke a Certificate? • Who is revoking Certificates?Who is revoking Certificates? ProblemsProblems Moving towards PKI …Moving towards PKI …
  • 47. Public Key Algorithms Algorithm Name Key Length (bits) DSA Up to 448 El Gamal 56 RSA 128 Diffie-Hellman Up to 2048 References: DSA El Gamal RSA Diffie-Hellman
  • 49. Message-Digest Algorithms Message-Digest Algorithm Digest Length (bits) MD2 128 MD4 128 MD5 128 Secure Hash Algorithm (SHA) 160 References: MD2 MD4 MD5 SHA
  • 50. OK, Paul Fridays or Ruby Tuesday ? PaulPaul MaryMary decrypt using Pprivate encrypt using Ppublic
  • 51. Security Everywhere Our life: Passport Q1. How to know it’s a official passport?Q1. How to know it’s a official passport?Q1. How to know it’s a official passport?Q1. How to know it’s a official passport? Q2. How to prove the passport belongs to you?Q2. How to prove the passport belongs to you?Q2. How to prove the passport belongs to you?Q2. How to prove the passport belongs to you?
  • 52. Security Everywhere Real life: Passport Photographic Micro-lettering Lines Micro Letters Watermark Laser-perforation
  • 53. Hash Function Ex: Storing the password in OS, ATM machine Client Server Hash Function ID: PaulID: Paul Password: ILoveYouPassword: ILoveYou Login requestLogin request Account: PaulAccount: Paul Password:Password: +!3420$ User DB ID Password Paul +!3420$ Stephen ss-3&6# Wang l*^$23w Account: PaulAccount: Paul Password:Password: +!3420$ User Authentication User Authentication Login successful Login successful Login successful Login successful
  • 54. How Signature Works? You must understand “What is key?” first Encryption DecryptionPlaintext Plaintext Cipher text Key Key The length of the key reflects the difficulty to decrypt from the encrypted message The length of the key reflects the difficulty to decrypt from the encrypted message Variable value used by cryptographic to produce encrypted text, or decrypt encrypted text Variable value used by cryptographic to produce encrypted text, or decrypt encrypted text

Notas del editor

  1. 在就例 我們列出 今日的學習目標 Besides, 今天 我們的內容 是以 比較生活化的方式來進行講解 無可避免的 在座如果有一些 對 security 以早有研究的先進 可能會想了解更詳細的內容 , 如演算法 及數學的求證 或者是攻擊者 how to attack , 及你要如何 defense 這些 threat 我們可以折日 在更 advance 的課程 來滿足各位的需求 麻煩
  2. Why I said Security is everywhere … . We firstly check our physical realm out …
  3. 講到 security , 必然一定要提到 其 4 大特性 還有程度的差異 The transmitted message must make sense to only the intended receiver -- Privacy Receiver needs to be sure of the sender’s identity – Authentication Data must arrive at the receiver exactly as they were sent – Integrity Receiver must prove that a received message came from a specific sender -- Non-repudiation
  4. 護照 是一個 國家 的政府发放給本國 公民 ( citizen )或 國民 ( national )的一種旅行 证件 ,用於證明持有人的 身分 與 國籍 ,以便其出入本國及在外國旅行,同時亦用於請求有關外國當局給予持照人通行便利及保護。 護照關係到在國外所受合法保護的權利與進入本籍國的權利。护照上通常有持有者的照片、签名、出生日期、国籍和其它个人身分的证明。许多国家正在開發將 生物识别 技术用於護照,以便能够更精确地确认护照的使用者是其合法持有人。 如今国际间旅行通常要求出示护照 , 但也有例外的情况。护照实际上仅仅是一种国际认可的用来对旅行者身份鉴定的手段。而这样的鉴定要求在很多情况下或针对某些旅行者可以免除。例如现在 美国 公民凭驾照即可进入 墨西哥 ,而 欧盟 国民在欧盟内部旅行也不需要护照。 同样的,护照在一个国家内部也可以被当成身份证件而使用。
  5. 由 喬納森·莫斯托 拍攝並於 2000 年上映的電影 U-571 講的是一群美國潛艇兵為繳獲一台恩尼格瑪機而搶了一艘德國潛艇後的故事
  6. 小組成員調查神秘與不尋常的死因,以判定是誰以及如何殺了他們。成員們也會解決一些其他的重罪,例如強姦罪的採證,但這個系列影集的主題仍以謀殺案件為主。 Criminalistics is the application of various sciences to answer questions relating to examination and comparison of biological evidence , trace evidence , impression evidence (such as fingerprints , footwear impressions, and tire tracks), controlled substances , ballistics , firearm and toolmark examination, and other evidence in criminal investigations. Typically, evidence is processed in a crime lab . Digital forensics is the application of proven scientific methods and techniques in order to recover data from electronic / digital media. DF specialists work in the field as well as in the lab. Forensic anthropology is the application of physical anthropology in a legal setting, usually for the recovery and identification of skeletonized human remains. Forensic archaeology is the application of a combination of archaeological techniques and forensic science, typically in law enforcement. Forensic DNA analysis takes advantage of the uniqueness of an individual&apos;s DNA to answer forensic questions such as determining paternity/maternity or placing a suspect at a crime scene. Forensic entomology deals with the examination of insects in, on, and around human remains to assist in determination of time or location of death. It is also possible to determine if the body was moved after death. Forensic geology deals with trace evidence in the form of soils, minerals and petroleums. Forensic interviewing is a method of communicating designed to elicit information and evidence. Forensic meteorology is a site specific analysis of past weather conditions for a point of loss. Forensic odontology is the study of the uniqueness of dentition better known as the study of teeth. Forensic pathology is a field in which the principles of medicine and pathology are applied to determine a cause of death or injury in the context of a legal inquiry. Forensic psychology is the study of the mind of an individual, using forensic methods. Usually it determines the circumstances behind a criminal&apos;s behavior. Forensic toxicology is the study of the effect of drugs and poisons on/in the human body. Forensic document examination or questioned document examination answers questions about a disputed document using a variety of scientific processes and methods. Many examinations involve a comparison of the questioned document, or components of the document, to a set of known standards. The most common type of examination involves handwriting wherein the examiner tries to address concerns about potential authorship. Veterinary Forensics is forensics applied to crimes involving animals. Association of Firearm and Tool Mark Examiners Ballistic fingerprinting Computer forensics Crime Diplomatics (Forensic paleography) Forensic accounting Forensic animation Forensic anthropology Forensic chemistry Forensic engineering Forensic facial reconstruction Forensic identification Forensic materials engineering Forensic polymer engineering Forensic profiling Forensic psychology Questioned document examination Retrospective diagnosis Skid mark Trace evidence Profiling practices Testimony  · Documentary Physical  / Real  · Digital Exculpatory  · Scientific Demonstrative Eyewitness identification Genetic (DNA)  · Lies
  7. Digital signing ensures that data originates from a specific party by creating a digital signature that is unique to that party. This process also uses hash functions. Put simply, digital signatures combine hashing (for the validation of the signature data) with asymmetric encryption for encoding that signature data. The following occurs when data is signed with a digital signature: A hash algorithm is applied to the data to create a hash value. The hash value is encrypted with User A’s private key, thereby creating the digital signature. The digital signature and the data are sent to User B. The following occurs when digitally signed data is decrypted: User B decrypts the signature by using User A’s public key and then recovers the hash value. If the signature can be decrypted, User B knows that the data came from User A (or the owner of the private key). The hash algorithm is applied to the data to create a second hash value. The two hash values are compared. If the hash values match, User B knows that the data has not been modified.
  8. In a public key environment, it is vital that you are assured that the public key to which you are encrypting data is in fact the public key of the intended recipient and not a forgery. You could simply encrypt only to those keys which have been physically handed to you. But suppose you need to exchange information with people you have never met; how can you tell that you have the correct key? Digital certificates, or certs, simplify the task of establishing whether a public key truly belongs to the purported owner. A certificate is a form of credential. Examples might be your driver&apos;s license, your social security card, or your birth certificate. Each of these has some information on it identifying you and some authorization stating that someone else has confirmed your identity. Some certificates, such as your passport, are important enough confirmation of your identity that you would not want to lose them, lest someone use them to impersonate you. A digital certificate is data that functions much like a physical certificate. A digital certificate is information included with a person&apos;s public key that helps others verify that a key is genuine or valid. Digital certificates are used to thwart attempts to substitute one person&apos;s key for another. A digital certificate consists of three things: A public key. Certificate information. (&quot;Identity&quot; information about the user, such as name, user ID, and so on.) One or more digital signatures. The purpose of the digital signature on a certificate is to state that the certificate information has been attested to by some other person or entity. The digital signature does not attest to the authenticity of the certificate as a whole; it vouches only that the signed identity information goes along with, or is bound to, the public key. Thus, a certificate is basically a public key with one or two forms of ID attached, plus a hearty stamp of approval from some other trusted individual.
  9. PKI 是一種基礎建設內含對稱及非對稱性密碼學、軟體和網路服務的整合技術,主要是用來提供保障網路通訊和企業電子交易的安全性。 PKI 為一種支援數位憑證的軟體、標準和協定的安全性整合服務。 證管理中心 公開金鑰基礎建設 ,又稱公開金鑰基礎設施、公開金鑰基礎架構,簡稱公鑰基礎建設、公鑰基礎設施、公鑰基礎架構或 PKI 。 密碼學上,公開金鑰基礎建設藉著 憑證管理中心 ( CA )將使用者的個人身分跟公開金鑰鏈結在一起。對每個憑證中心使用者的身分必須是唯一的,可能在人為監督下,合併使用分散於各地的其他協同軟體。對每個使用者,憑證中心發行的 公開金鑰憑證 含有不可偽造的個人身分、公鑰、有效條件與其他資料等。 可信賴的第三者( Trusted third party , TTP )也長被用來指憑證中心。 PKI 有時被錯誤地拿來代表公開金鑰密碼學或公開金鑰演算法。 大部分企業級的公鑰基礎建設系統,依賴由更高階級的憑證中心發行給低階憑證中心的憑證,而層層構築而成的憑證鏈,來建立某個參與者的身份識別憑證的合法 性。這產生了不只一個電腦且通常涵蓋多個組織的憑證階層,涉及到多個來源軟體間的合作。因此公開的標準對公鑰基礎建設相當重要。這個領域的標準化多由 網際網路工程工作小組 ( IETF )的 PKIX 工作群完成。 企業公鑰基礎建設通常和企業的資料庫目錄緊密結合,每個員工的公鑰內嵌在憑證中,和人事資料一起儲存。今日最先進的目錄科技是輕量目錄存取協定( Lightweight Directory Access Protocol , LDAP )。事實上,最常見的憑證格式 X.509 的前身 X.500 是用於 LDAP 的前置處理器的目錄略圖。
  10. VeriSign introduced the concept of classes of digital certificates: Class 1 for individuals, intended for email Class 2 for organizations, for which proof of identity is required Class 3 for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing certificate authority Class 4 for online business transactions between companies Class 5 for private organizations or governmental security
  11. 護照 是一個國家的政府发放給本國公民( citizen )或國民( national )的一種旅行证件,用於證明持有人的身分與國籍,以便其出入本國及在外國旅行,同時亦用於請求有關外國當局給予持照人通行便利及保護。 護照關係到在國外所受合法保護的權利與進入本籍國的權利。护照上通常有持有者的照片、签名、出生日期、国籍和其它个人身分的证明。许多国家正在開發將生物识别技术用於護照,以便能够更精确地确认护照的使用者是其合法持有人。 如今国际间旅行通常要求出示护照 , 但也有例外的情况。护照实际上仅仅是一种国际认可的用来对旅行者身份鉴定的手段。而这样的鉴定要求在很多情况下或针对某些旅行者可以免除。例如现在美国公民凭驾照即可进入墨西哥,而欧盟国民在欧盟内部旅行也不需要护照。 同样的,护照在一个国家内部也可以被当成身份证件而使用。