Symmetric Key Distribution


Symmetric Key Distribution Network Security

Objectives of the Topic: After completing this topic, a student will be able to describe how a symmetric key can be distributed with symmetric encryption.

Figures and material in this topic have been adapted from “Network Security Essentials: Applications and Standards”, 2014, by William Stallings.

For symmetric encryption to work, the two parties to an exchange must share the same key, and that key must be protected from access by others.

Frequent key changes are usually desirable to limit the amount of data compromised if an attacker learns the key.

The strength of any cryptographic system rests with the “key distribution technique”, the means of delivering a key to two parties that wish to exchange data, without allowing others to see the key.

Key Distribution Options

For two parties A and B, there are the following options:

1. A key could be selected by A and physically delivered to B.
2. A third party could select the key and physically deliver it to A and B.
3. If A and B have recently used a key, one party could transmit the new key to the other, using the old key to encrypt the new key.
4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.

Options 1 and 2 call for manual delivery of a key. For link encryption, this is a reasonable requirement, because each link encryption device is only going to be exchanging data with its partner on the other end of the link.

However, for end-to-end encryption over a network, manual delivery is awkward.

In a distributed system, any given host may need to engage in exchanges with many other hosts over time. Each device needs a number of keys supplied dynamically, which is difficult in a wide-area distributed system.

Option 3 is a possibility for either link encryption or end-to-end encryption, but if an attacker ever succeeds in gaining access to one key, then all subsequent keys are revealed.

To provide keys for end-to-end encryption, option 4 is preferable. For option 4, two kinds of keys are used:

Session key: When two end systems wish to communicate, they establish a logical connection. For the duration of that logical connection, called a session, all user data are encrypted with a one-time session key. At the conclusion of the session, the session key is destroyed.

Permanent key: A key used between entities for the purpose of distributing session keys.

A necessary element of option 4 is a key distribution center (KDC). The operation of a KDC proceeds as follows:

1. When host A wishes to set up a connection to host B, it transmits a connection request packet to the KDC. Communication between A and the KDC is encrypted using a master key shared only by A and the KDC.

2. If the KDC approves the connection request, it generates a unique one-time session key. It encrypts the session key using the permanent key it shares with A and delivers the encrypted session key to A. Similarly, it encrypts the session key using the permanent key it shares with B and delivers the encrypted session key to B.

3. A and B can now set up a logical connection and exchange messages and data, all encrypted using the temporary session key.
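
The KDC exchange in steps 1 to 3, as an added Python example that is not part of the original slides. The seal/unseal helpers are a stand-in authenticated cipher built from HMAC-SHA256 so the code runs with the standard library alone; the class, function and host names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def keystream(key, nonce, n):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, stdlib only.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Encrypt then MAC; a real deployment would use AES-GCM or similar."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified message")
    return bytes(c ^ k for c, k in zip(ct, keystream(key, nonce, len(ct))))

class KDC:
    def __init__(self):
        self.permanent = {}  # host name -> permanent key shared only with the KDC

    def enroll(self, host):
        # Stands for the out-of-band delivery of the permanent key to the host.
        self.permanent[host] = secrets.token_bytes(32)
        return self.permanent[host]

    def connection_request(self, requester, sealed_peer_name):
        # Step 1: the request is readable only with the requester's permanent key.
        peer = unseal(self.permanent[requester], sealed_peer_name).decode()
        if peer not in self.permanent:
            raise PermissionError("connection request not approved")
        # Step 2: one-time session key, encrypted separately for each party.
        session_key = secrets.token_bytes(32)
        return seal(self.permanent[requester], session_key), seal(self.permanent[peer], session_key)

def run_session(message):
    kdc = KDC()
    key_a, key_b = kdc.enroll("A"), kdc.enroll("B")
    for_a, for_b = kdc.connection_request("A", seal(key_a, b"B"))
    ks_a, ks_b = unseal(key_a, for_a), unseal(key_b, for_b)
    wire = seal(ks_a, message)            # Step 3: A sends under the session key
    received = unseal(ks_b, wire)         # B decrypts with its copy
    del ks_a, ks_b                        # session over: the session key is discarded
    return received, for_a, for_b, key_a
```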