Key Management Session and Interchange Key Key Exchange


Outline
- Session and Interchange Key
- Key Exchange
- Classical Cryptosystem Key Exchange and Authentication
- Kerberos
- Public Key Cryptographic Key Exchange and Authentication
- Cryptographic Key Infrastructure
- Storing and Revoking Keys
- Digital Signature
- Classical Signatures
- Public Key Signatures

Session and Interchange Key

Key management refers to the distribution of keys, the mechanism used to bind an identity to a key, and the generation, maintenance and revoking of such keys.

Notation: X --> Y: {Z}k

An interchange key is a cryptographic key associated with a principal to a communication.
A session key is a cryptographic key associated with the communication itself.

Key Exchange

The goal of key exchange is to enable Alice to communicate secretly with Bob, and vice versa, using a shared cryptographic key. A solution to this problem must meet the following 3 criteria:
1. The key that Alice and Bob are to share cannot be transmitted in the clear.
2. Alice and Bob may decide to trust a third party (e.g. Cathy).
3. The cryptosystems and protocols are publicly known. The only secret data is to be the cryptographic keys involved.

Classical Cryptographic Key Exchange and Authentication

Suppose Alice and Bob wish to communicate. They get the common secret key from a third party, Cathy.
1. Alice --> Cathy: { request for session key to Bob } KAlice
2. Cathy --> Alice: { KSession } KAlice || { KSession } KBob
3. Alice --> Bob: { KSession } KBob

The problem with this protocol is that Bob does not know to whom he is talking. One protocol that addresses this problem is the Needham-Schroeder protocol.

Needham-Schroeder Protocol

1. Alice --> Cathy: { Alice || Bob || rand1 }
2. Cathy --> Alice: { Alice || Bob || rand1 || KSession || { Alice || KSession } KBob } KAlice
3. Alice --> Bob: { Alice || KSession } KBob
4. Bob --> Alice: { rand2 } KSession
5. Alice --> Bob: { rand2 - 1 } KSession
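
The five Needham-Schroeder messages above, run end to end as an added example (not part of the original slides). It shows the two checks that the simple three-message protocol lacks: Alice matches rand1 in Cathy's reply, and Bob reads his peer's name out of the ticket. The seal/unseal toy cipher, the function names and the JSON encoding are assumptions made for this demo, and message 1 is sent unencrypted because the slide shows no key for it.

```python
import hashlib, hmac, json, secrets

def _xor(key, nonce, data):
    # SHA-256 in counter mode as keystream; toy construction, assumed for this demo only
    ks = b"".join(hashlib.sha256(key + nonce + bytes([i])).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):
    """{obj}key in the slides' notation: encrypt and authenticate under key."""
    nonce = secrets.token_bytes(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()

def unseal(key, blob):
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(_xor(key, nonce, ct))

# Interchange keys: long-term, each shared between one principal and Cathy.
KEYS = {"Alice": secrets.token_bytes(32), "Bob": secrets.token_bytes(32)}

def cathy(sender, receiver, rand1):
    """Step 2: fresh session key, plus a ticket only the receiver can open."""
    k_session = secrets.token_hex(32)
    ticket = seal(KEYS[receiver], [sender, k_session])
    return seal(KEYS[sender], [sender, receiver, rand1, k_session, ticket])

def alice_open(msg2, rand1):
    a, b, r, k_session, ticket = unseal(KEYS["Alice"], msg2)
    if [a, b, r] != ["Alice", "Bob", rand1]:   # reply must answer this request
        raise ValueError("reply does not match request")
    return bytes.fromhex(k_session), ticket

def bob_open(ticket):
    """Steps 3-4: the ticket names Bob's peer; Bob then challenges with rand2."""
    peer, k_hex = unseal(KEYS["Bob"], ticket)
    k_session, rand2 = bytes.fromhex(k_hex), secrets.randbelow(2**64)
    return peer, k_session, rand2, seal(k_session, rand2)

def run():
    rand1 = secrets.randbelow(2**64)
    k_a, ticket = alice_open(cathy("Alice", "Bob", rand1), rand1)   # steps 1-2
    peer, k_b, rand2, msg4 = bob_open(ticket)                       # steps 3-4
    msg5 = seal(k_a, unseal(k_a, msg4) - 1)                         # step 5
    return peer, k_a == k_b, unseal(k_b, msg5) == rand2 - 1
```

run() returns the peer name Bob learned from the ticket, whether both sides hold the same session key, and whether Bob accepted Alice's answer to his challenge.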

Public Key Cryptographic Key Exchange and Authentication

Conceptually, public key cryptography makes exchanging keys very easy.
1. Alice --> Bob: { KSession } eBob, where eBob is Bob's public key.

Now both can communicate using a classical cryptosystem. This protocol has a flaw. If Alice does not have Bob's public key, she must get it from the public server, Peter.

Now, attacker Eve can read Bob's message to Alice as given below:
1. Alice --> Peter: { send me Bob's public key } [intercepted by Eve]
2. Eve --> Peter: { send me Bob's public key }
3. Peter --> Eve: eBob
4. Eve --> Alice: eEve
5. Alice --> Bob: { KSession } eEve [intercepted by Eve]
6. Eve --> Bob: { KSession } eBob

Eve now has the session key and can read any traffic between Alice and Bob. This is called a man-in-the-middle attack.