Documente Academic
Documente Profesional
Documente Cultură
Message digests
Computationally
expensive to publickey-encrypt long
messages
Goal: fixed-length, easyto-compute digital
fingerprint
apply hash function H
to m, get fixed size
message digest, H(m).
large
message
m
H: Hash
Function
H(m)
H: Hash
function
Bobs
private
key
KB
encrypted
msg digest
H(m)
digital
signature
(encrypt)
encrypted
msg digest
KB(H(m))
large
message
m
H: Hash
function
KB(H(m))
Bobs
public
key
KB
digital
signature
(decrypt)
H(m)
H(m)
equal
?
OK
Alices
Alices
Im Alice
IP addr password
I am Alice
R
KA-B (R)
Failures, drawbacks?
I am Alice
R
Bob computes
+ -
K A (R)
KA
KA (KA (R)) = R
Failures, drawbacks?
6
I am Alice
R
K (R)
T
K (R)
A
- +
m = K (K (m))
A A
+
K (m)
A
A
Trudy gets
- +
m = K (K (m))
T
sends m toT Alice
+
K (m)
T
encrypted with
Alices public key
7
Difficult to detect:
Bob receives everything that Alice sends, and vice
versa. (e.g., so Bob, Alice can meet one week later and
recall conversation)
problem is that Trudy receives all messages as well!
Key Establishment
Symmetric key problem:
Solutions:
Deffie-Hellman
trusted key distribution
Solution:
trusted certification
authority (CA)
mod p
secret integer
gb mod p
(gb
mod
p)a
mod p
Alice: a=6
Send Bob: g^a mod 23 = 8.
Bob: b=15
Send
11
each
KDC
KA-KDC KP-KDC
KP-KDC
KB-KDC
KA-KDC
KX-KDC
KY-KDC
KB-KDC
KZ-KDC
12
KA-KDC(A,B)
Alice
knows
R1
KA-KDC(R1, KB-KDC(A,R1) )
KB-KDC(A,R1)
Bob knows to
use R1 to
communicate
with Alice
no infrastructure support
-: computation load on users
KDC
-:
sensor networks?
14
Certification authorities
Certification authority (CA): binds public key to particular
entity, E.
E registers its public key with CA.
Bobs
public
key
Bobs
identifying
information
KB
digital
signature
(encrypt)
CA K -
private
key
CA
KB
certificate for
Bobs public key,
signed by CA
15