Technical Aspects of E-Commerce Part of Mort Anvari Introduction - Review - Hardware - Firewalls - Networking - Cryptography Review PC Web Server PC Internet R SQL Server PC FW PC Mail Server File Server PC PC Review Application: Programs that directly access the presentation layer belong at least in part to the application layer CGI Script User Space Web Server Presentation Operating System Space Session Transport System Network I/O Layer Software Datalink Motherboard Physical World HD Controller Hard Drive Data HTML Pages Video Card Network Card Hardware Physical Hardware What is it? - The physical components of a computing system - If it can be held in your hand it’s hardware - If it can’t it’s software Hardware Application: Programs that directly access the presentation layer belong at least in part to the application layer CGI Script User Space Web Server Presentation Operating System Space Session Transport System Network I/O Layer Software Datalink Motherboard Physical World HD Controller Hard Drive Data HTML Pages Video Card Network Card Hardware Current Topic Physical Hardware - Architecture - Hard Drives - Backup Systems - Network Interfaces - RAM Architecture - CISC (Complex Instruction Set Comp.) Can complex operations Can many functions i.e 486, Pentium, PowerPC - RISC (Reduced Instruction Set Comp.) Can a few simple operations Faster than CISC i.e SPARC, HP9000 Hard Drives - Single A regular hard drive - Mirrored Fault-Tolerant Expensive - Drive Array Fault-Tolerant Slower but cheaper than Mirror Hard Drives - Highly Redundant Drive Enclosure External to server Can lose multiple drives Very fast Very expensive 10 What does it for me? Confidentiality: The data can only be read by the intended recipients Non-Repudiation: The data cannot be forged If data is “signed” by a person, the data could only have come from them No more “I didn’t send that!” Data Integrity: The data cannot be modified without detection 41 Symmetric Encryption - Data is encrypted and decrypted with the same key - Fast - Key must be kept secret - Key must be sent Out of Band - DES and IDEA are symmetric 42 Asymmetric Encryption - Uses keys - Data encrypted with one key can only be decrypted with the other - Public key is shared with all - Public key can be sent In Band - Private key must be kept secret - RSA is asymmetric 43 One Way Hash - A “fingerprint” of data - Any size data = same size hash - Tiny changes in data produce a very different hash 44 Example: Encrypted E-Mail Anne wants to send e-mail to Bob The plaintext message compressed to make it smaller and the ciphertext stronger Plaintext Compression Small Plaintext 45 Example: Encrypted E-Mail The plaintext message is run through a hash algorithm to generate a “fingerprint” Small Plaintext Hash Function Fingerprint 46 Example: Encrypted E-Mail The fingerprint is encrypted using Anne’s private key This makes it into a digital signature It is then appended to the plaintext Fingerprint Anne’s Private Key Small Plaintext Signature 47 Example: Encrypted E-Mail A Random key is generated and the email is symmetrically encrypted using that Small Plaintext Signature Random Key Ciphertext Encrypted with Random Key 48 Example: Encrypted E-Mail The Random Key is Encrypted using Bob’s public key The result is called a “Strong Box” Remember that only Bob can read the contents of the Box Random Key Bob’s Public Key A Box for Bob Random Key 49 Example: Encrypted E-Mail The Box is attached to the ciphertext and they are sent over e-mail to Bob A Box for Bob Random Key Ciphertext Encrypted with Random Key To Bob Internet 50 Example: Encrypted E-Mail Bob decrypts his Strong Box to get the Random Key Only Bob’s private key can open the Box which was encrypted with his public key A Box for Bob Random Key Bob’s Private Key Random Key 51 Example: Encrypted E-Mail Bob decrypts the ciphertext using the random key which he got from his Strong Box Ciphertext Encrypted with Random Key Small Random Key Plaintext Signature 52 Example: Encrypted E-Mail Bob decrypts Anne’s signature using her public key Since only Anne could have encrypted it with her private key, Bob knows the message had to come from her Signature Anne’s Public Key Fingerprint 53 Example: Encrypted E-Mail Bob runs the unencrypted message through the hash function If this fingerprint is the same as the one from the signature, the message was not changed in transit Calculated Fingerprint Small Plaintext Hash Function  or  Received Fingerprint 54 Example: Encrypted E-Mail Finally, the message is uncompressed Bob can read the message knowing for certain that it’s from Anne, it’s what Anne wrote and only the two of them could have read it Plaintext Compression Small Plaintext 55 ... the presentation layer belong at least in part to the application layer CGI Script User Space Web Server Presentation Operating System Space Session Transport System Network I/O Layer Software... drive - Mirrored Fault-Tolerant Expensive - Drive Array Fault-Tolerant Slower but cheaper than Mirror Hard Drives - Highly Redundant Drive Enclosure External to server Can lose multiple drives Very... Review - Hardware - Firewalls - Networking - Cryptography Review PC Web Server PC Internet R SQL Server PC FW PC Mail Server File Server PC PC Review Application: Programs that directly access