Information Security Mutual Trust

Key Management and
Distribution
Major Issues Involved in Symmetric

Key Distribution
For symmetric encryption to work, the two parties of an
exchange must share the same key and that key must be
protected.
Frequent key changes may be desirable to limit the amount
of data compromised.
The strength of a cryptographic system rests with the
technique for solving the key distribution problem -delivering a key to the two parties of an exchange.
The scale of the problem depends on the number of
communication pairs.
YSL
Information Security Mutual Trust
Approaches to Symmetric Key

Distribution
Let A (Alice) and B (Bob) be the two parties.
A key can be selected by A and physically delivered to B.
A third party can select the key and physically deliver it to
A and B.
If A and B have previously and recently used a key, one
party can transmit the new key to the other, encrypted
using the old key.
If A and B each has an encrypted connection to a third
party C,
C can deliver a key on the encrypted links to A and B.
YSL
Symmetric Key Distribution Task
YSL
Symmetric Key Hierarchy
Typically a hierarchy structure of keys is adopted.

Session keys
Master keys
YSL
temporary key
used for encryption of data between users
for one logical session then discarded
used to encrypt session keys
shared by each user & the key distribution center
Symmetric Key Hierarchy
YSL
Symmetric Key Distribution Scenario
YSL
Symmetric Key Distribution Issues

Hierarchies of KDCs required for large
networks, but must trust each other
Session key lifetimes should be limited for
greater security
Use of automatic key distribution on behalf
of users, but must trust system
Use of decentralized key distribution
Controlling key usage
YSL
Symmetric Key Distribution Using

Public Keys
Public key cryptosystems are inefficient.

almost never used for direct data encryption
rather used to encrypt secret keys for distribution
YSL
Simple Secret Key Distribution

Merkle proposed this very simple scheme
allows secure communications
no keys before/after exist
YSL
10
Simple Secret Key Distribution

(contd)
Simple secret key distribution (contd)
advantages
simplicity
no keys stored before and after the communication
security against eavesdropping
disadvantages
lack of authentication mechanism between participants
vulnerability to an active attack as described in the next
slide
leak of the secret key upon such active attacks
YSL
11
Man-in-the-Middle Attacks
YSL
This very simple scheme is vulnerable to an

active man-in-the-middle attack.
12
Secret Key Distribution with

Confidentiality & Authentication
YSL
13
Secret Key Distribution with

Confidentiality & Authentication (contd)
Provision of protection against both active
and passive attacks
Assurance of both confidentiality and
authentication in the exchange of a secret
key
Availability of public keys a priori
Complexity
YSL
14
Public Key Distribution

The distribution of public keys
public announcement
publicly available directory
public-key authority
public-key certificates
The use of public-key encryption to distribute

secret keys
simple secret key distribution
secret key distribution with confidentiality and
authentication
YSL
15
Public Key Distribution (contd)

Public announcement
YSL
16

Public announcement (contd)
advantages: convenience
disadvantages: forgery of such a public
announcement by anyone
YSL
17

Publicly available directory
YSL
18

Publicly available directory (contd)
elements of the scheme
{name, public key} entry for each participant in the
directory
in-person or secure registration
on-demand entry update
periodic publication of the directory
availability of secure electronic access from the
directory to participants
advantages: greater degree of security

YSL
19

Publicly available directory (contd)
disadvantages
need of a trusted entity or organization
need of additional security mechanism from the directory
authority to participants
vulnerability of the private key of the directory authority
(global-scaled disaster if the private key of the directory
authority is compromised)
vulnerability of the directory records
YSL
20

Public-key authority
YSL
21

Public-key authority (contd)
stronger security for public-key distribution can be
achieved by providing tighter control over the
distribution of public keys from the directory
each participant can verify the identity of the authority
participants can verify identities of each other
disadvantages
bottleneck effect of the public-key authority
vulnerability of the directory records
YSL
22

Public-key certificates
YSL
23

Public-key certificates (contd)
to use certificates that can be used by participants to
exchange keys without contacting a public-key
authority
requirements on the scheme
any participant can read a certificate to determine the name
and public key of the certificates owner
any participant can verify that the certificate originated from
the certificate authority and is not counterfeit
only the certificate authority can create & update certificates
any participant can verify the currency of the certificate
YSL
24

Public-key certificates (contd)
advantages
to use certificates that can be used by participants to
exchange keys without contacting a public-key authority
in a way that is as reliable as if the key were obtained
directly from a public-key authority
no on-line bottleneck effect
disadvantages: need of a certificate authority
YSL
25

Information Security Mutual Trust

Încărcat de

Informații document

Descriere originală:

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Information Security Mutual Trust

Încărcat de

Drepturi de autor:

Formate disponibile

Key Management and

Major Issues Involved in Symmetric