Presentation is loading. Please wait.

Presentation is loading. Please wait.

CNS2010lecture 6 :: key management1 ELEC5616 computer and network security matt barrie

Published byAdriel Crumbley Modified over 9 years ago

Similar presentations

Presentation on theme: "CNS2010lecture 6 :: key management1 ELEC5616 computer and network security matt barrie"— Presentation transcript:

1 CNS2010lecture 6 :: key management1 ELEC5616 computer and network security matt barrie mattb@ee.usyd.edu.au

2 CNS2010lecture 6 :: key management2 key management Suppose we have a symmetric key network: Alice, Bob, Carol and Dave want to talk to each other For secure communication, for n parties, we require n n(n-1) 2 2 Key distribution and management becomes a major issue! Alice Carol Bob Dave k ab k ac k bd k cd k ad k bc ( ) = keys

3 CNS2010lecture 6 :: key management3 definitions Key establishment is any process whereby a shared secret becomes available to two or more parties, for subsequent cryptographic use. Key management is the set of processes and mechanisms which support key establishment and the maintenance of ongoing keying relationships between parties, including replacing older keys with newer ones: –key agreement –key transport

4 CNS2010lecture 6 :: key management4 key distribution centre Naïve solution: Protocol: (1) Alice → KDC: “want to talk with Bob” (2) KDC → Alice: KDC picks random key k ab, sends Ek a [k ab ], Ek b [k ab, “ticket a-b”] (3) Alice → Bob: Alice decrypts Ek a [k ab ], sends ticket to Bob (4) Bob: Bob decrypts ticket Alice and Bob now share secret key k ab. Alice Carol Bob Dave KDC kaka kbkb kckc kdkd All parties share a key with the KDC

5 CNS2010lecture 6 :: key management5 problems with naïve approach Naïve solution: Problems: –Single point of failure, the KDC (a juicy target to attack) –No authentication –Poor scalability –Slow Alice Carol Bob Dave KDC kaka kbkb kckc kdkd All parties share a key with the KDC

6 CNS2010lecture 6 :: key management6 merkle’s puzzles Ralph Merkle (Stanford, 1974) Merkle’s puzzles are a way of doing key exchange between Alice and Bob without the need for a KDC Protocol: (1)Alice creates lots of puzzles P i = E pi [“This is puzzle #X i ”, k i ] where i = 1.. 2 20, |p i | = 20 bits (weak), |k i | = 128 bits (strong) X i, p i and k i are chosen randomly and different for each i. (2)Alice sends all puzzles P i to Bob. (3)Bob picks a random puzzle j є {1 … 2 20 } and solves P j by brute force (i.e. search on key p j ). This recovers X j and k j from the puzzle. (4)Bob sends X j to Alice in the clear. (5) Alice looks up the index j of X j (from a table) to get k j. => Alice and Bob now both share a secret key k j.

7 CNS2010lecture 6 :: key management7 merkle’s puzzles AliceBob P1P1 P6P6 P3P3 P4P4 P 12 P7P7 P9P9 P2P2 P5P5 P 14 P 11 P 13 Makes 2 20 puzzles Alice looks up X j Shared secret is k j Picks a random puzzle P j and breaks it. Sends X j back to Alice Shared secret is k j P i = Ep i [“This is puzzle #X i ”, k i ] Eve ??? Only knows the puzzles and X j

8 CNS2010lecture 6 :: key management8 attack on merkle’s puzzles Eve must break on average half the puzzles to find X j (hence k j ) –Time required to do so for 2 20 puzzles = 2 19 x 2 19 = 2 38 If Alice and Bob can try 10,000 keys/second : –It will take a minute for each of them to perform their steps (2 19 for Bob) –Plus another minute to communicate the puzzles on a 1.544MB (T1) link With comparable resources, it will take Eve about a year to break the system. Note: Merkle’s Puzzles uses a lot of bandwidth (impractical!)

9 CNS2010lecture 6 :: key management9 diffie-hellman key exchange Diffie-Hellman (Stanford, 1976) Worldwide standard used in smart cards, etc. Protocol: Consider the finite field Z p = where p is prime (p is about 300 digits long) Let g є Z p (the generator) (1)Alice: Alice chooses a random large integer a є Z p (2)Bob: Bob choses a random large integer b є Z p (3)Alice → Bob: Alice sends Bob g a (mod p) (4)Bob → Alice: Bob sends Alice g b (mod p) (5)Alice and Bob: compute g ab : Alice computes (g b ) a = g ab (mod p) : Bob computes (g a ) b = g ab (mod p) => Alice and Bob now share secret g ab

10 CNS2010lecture 6 :: key management10 diffie-hellman key exchange AliceBob p, g, g a (mod p) g b (mod p) Computes g ab (mod p) Eve ??? Only knows p, g, g a, g b

11 CNS2010lecture 6 :: key management11 strength of diffie-hellman The strength of Diffie-Hellman is based upon two issues: –given p, g, g a, it is difficult to calculate a (the discrete logarithm problem) –given p, g, g a, g b it is difficult for Eve to calculate g ab (the Diffie-Hellman problem) –we know that DL  DH but it is not known if DH  DL. Essentially, the strength of the system is based on the difficulty of factoring numbers the same size as p. The generator, g, can be small Do not use the secret g ab directly as a session key –it is better to either hash it or use it as a seed for a PRNG – not all bits of the secret have a flat distribution

12 CNS2010lecture 6 :: key management12 references Handbook of Applied Cryptography –read §1, §2-2.4.4, §2.5 - 2.5.3 Stallings (3 rd Ed) –6.3 – 6.4

Download ppt "CNS2010lecture 6 :: key management1 ELEC5616 computer and network security matt barrie"

Similar presentations

The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.

Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.
1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.
Public Key Cryptography Nick Feamster CS 6262 Spring 2009.

Public Key Cryptography Nick Feamster CS 6262 Spring 2009.
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Public Key Encryptions CS461/ECE422 Fall 2011. Reading Material Text Chapters 2 and 20 Handbook of Applied Cryptography, Chapter 8 –

Public Key Encryptions CS461/ECE422 Fall Reading Material Text Chapters 2 and 20 Handbook of Applied Cryptography, Chapter 8 –
CNS2010handout 12 :: crypto protocols1 ELEC5616 computer and network security matt barrie

CNS2010handout 12 :: crypto protocols1 ELEC5616 computer and network security matt barrie
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.

Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Trusted 3rd parties Basic key exchange

Trusted 3rd parties Basic key exchange
Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Computer Security Key Management

Computer Security Key Management
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.

CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Key Establishment Techniques: Key Distribution and Key Agreement

Key Establishment Techniques: Key Distribution and Key Agreement
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Similar presentations

Ads by Google