Key Management and Distribution

YSL, Information Security – Mutual Trust

Major Issues Involved in Symmetric Key Distribution
– For symmetric encryption to work, the two parties of an exchange must share the same key and that key must be protected.
– Frequent key changes may be desirable to limit the amount of data compromised.
– The strength of a cryptographic system rests with the technique for solving the key distribution problem: delivering a key to the two parties of an exchange.
– The scale of the problem depends on the number of communication pairs.

Approaches to Symmetric Key Distribution
Let A (Alice) and B (Bob) be the two parties.
– A key can be selected by A and physically delivered to B.
– A third party can select the key and physically deliver it to A and B.
– If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key.
– If A and B each have an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B.

Symmetric Key Distribution Task

Symmetric Key Hierarchy
Typically a hierarchy structure of keys is adopted.
– Session keys
  – temporary key
  – used for encryption of data between users
  – for one logical session then discarded
– Master keys
  – used to encrypt session keys
  – shared by each user & the key distribution center
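
The hierarchy above as an added sketch (not from the original slides): a KDC holds one master key per user and uses it only to wrap a fresh session key for each logical session. The HMAC-based `wrap`/`unwrap` pair is a standard-library stand-in for an authenticated cipher, and the `KDC` class and its method names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def wrap(master, session):
    """Encrypt-then-MAC a 32-byte session key under a master key (toy stand-in)."""
    nonce = secrets.token_bytes(16)
    pad = hmac.new(master, b"enc" + nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(session, pad))
    tag = hmac.new(master, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(master, blob):
    """Check the tag first, then recover the session key."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    good = hmac.new(master, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrapped key rejected: wrong master key or tampering")
    pad = hmac.new(master, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, pad))

class KDC:
    """Hypothetical key distribution center holding one master key per user."""
    def __init__(self):
        self.master = {}                      # user id -> master key

    def enroll(self, user):
        self.master[user] = secrets.token_bytes(32)
        return self.master[user]              # assumed delivered out of band

    def session_for(self, a, b):
        ks = secrets.token_bytes(32)          # fresh key for one logical session
        return wrap(self.master[a], ks), wrap(self.master[b], ks)
```

Master keys never encrypt user data here; they only protect session keys in transit, so a session key that leaks exposes one session rather than every exchange with the KDC.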

Symmetric Key Hierarchy

Symmetric Key Distribution Scenario

Symmetric Key Distribution Issues
– Hierarchies of KDCs required for large networks, but must trust each other
– Session key lifetimes should be limited for greater security
– Use of automatic key distribution on behalf of users, but must trust system
– Use of decentralized key distribution
– Controlling key usage

Symmetric Key Distribution Using Public Keys
Public key cryptosystems are inefficient.
– almost never used for direct data encryption
– rather used to encrypt secret keys for distribution

Simple Secret Key Distribution
Merkle proposed this very simple scheme
– allows secure communications
– no keys before/after exist

Simple Secret Key Distribution (cont’d)
– advantages
  – simplicity
  – no keys stored before and after the communication
  – security against eavesdropping
– disadvantages
  – lack of authentication mechanism between participants
  – vulnerability to an active attack as described in the next slide
  – leak of the secret key upon such active attacks

Man-in-the-Middle Attacks
This very simple scheme is vulnerable to an active man-in-the-middle attack.
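
An added simulation (not from the original slides) of why the missing authentication matters: B encrypts the secret key under whatever public key arrives, so a key replaced in transit goes unnoticed unless B can compare it with an authentic fingerprint. It uses toy textbook RSA on small known primes, and all function names are assumptions made for illustration.

```python
import hashlib, secrets

# Toy textbook RSA on known Mersenne primes: illustration only, not real key sizes.
def keypair(p, q, e=65537):
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)

def fingerprint(pub):
    return hashlib.sha256(repr(pub).encode()).hexdigest()

def b_respond(received_pub, known_fp=None):
    """B picks Ks and returns (Ks, E(PU, Ks)). With an authentic fingerprint
    of A's key, B refuses any key that does not match it."""
    if known_fp is not None and fingerprint(received_pub) != known_fp:
        raise ValueError("public key does not match A's authentic fingerprint")
    e, n = received_pub
    ks = secrets.randbelow(n - 2) + 2
    return ks, pow(ks, e, n)

def recover(priv, ciphertext):
    d, n = priv
    return pow(ciphertext, d, n)

def run(substituted_pub=None, authenticate=False):
    """One exchange; substituted_pub models a key replaced in transit."""
    a_pub, a_priv = keypair(2**61 - 1, 2**89 - 1)    # A's one-time pair
    seen_by_b = substituted_pub or a_pub
    fp = fingerprint(a_pub) if authenticate else None
    ks, ct = b_respond(seen_by_b, fp)
    return ks, ct, a_priv

def outcomes():
    other_pub, other_priv = keypair(2**107 - 1, 2**127 - 1)  # third party's pair
    ks, ct, a_priv = run()
    honest = recover(a_priv, ct) == ks            # A and B end up sharing Ks
    ks2, ct2, _ = run(substituted_pub=other_pub)
    exposed = recover(other_priv, ct2) == ks2     # Ks readable by the substituted key's owner
    try:
        run(substituted_pub=other_pub, authenticate=True)
        caught = False
    except ValueError:
        caught = True                             # authentication stops the exchange
    return honest, exposed, caught
```

`outcomes()` returns `(True, True, True)`: the honest run works, the unauthenticated run leaks the secret key without any error on B's side, and the authenticated run is refused before a key is sent.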

Secret Key Distribution with Confidentiality & Authentication

Secret Key Distribution with Confidentiality & Authentication (cont’d)
– Provision of protection against both active and passive attacks
– Assurance of both confidentiality and authentication in the exchange of a secret key
– Availability of public keys a priori
– Complexity

Public Key Distribution
– The distribution of public keys
  – public announcement
  – publicly available directory
  – public-key authority
  – public-key certificates
– The use of public-key encryption to distribute secret keys
  – simple secret key distribution
  – secret key distribution with confidentiality and authentication

Public Key Distribution (cont’d)
Public announcement

Public Key Distribution (cont’d)
Public announcement (cont’d)
– advantages: convenience
– disadvantages: forgery of such a public announcement by anyone

Public Key Distribution (cont’d)
Publicly available directory

Public Key Distribution (cont’d)
Publicly available directory (cont’d)
– elements of the scheme
  – {name, public key} entry for each participant in the directory
  – in-person or secure registration
  – on-demand entry update
  – periodic publication of the directory
  – availability of secure electronic access from the directory to participants
– advantages: greater degree of security

Public Key Distribution (cont’d)
Publicly available directory (cont’d)
– disadvantages
  – need of a trusted entity or organization
  – need of additional security mechanism from the directory authority to participants
  – vulnerability of the private key of the directory authority (global-scaled disaster if the private key of the directory authority is compromised)
  – vulnerability of the directory records

Public Key Distribution (cont’d)
Public-key authority

Public Key Distribution (cont’d)
Public-key authority (cont’d)
– stronger security for public-key distribution can be achieved by providing tighter control over the distribution of public keys from the directory
– each participant can verify the identity of the authority
– participants can verify identities of each other
– disadvantages
  – bottleneck effect of the public-key authority
  – vulnerability of the directory records

Public Key Distribution (cont’d)
Public-key certificates

Public Key Distribution (cont’d)
Public-key certificates (cont’d)
– to use certificates that can be used by participants to exchange keys without contacting a public-key authority
– requirements on the scheme
  – any participant can read a certificate to determine the name and public key of the certificate’s owner
  – any participant can verify that the certificate originated from the certificate authority and is not counterfeit
  – only the certificate authority can create & update certificates
  – any participant can verify the currency of the certificate
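
The four requirements above as an added sketch (not from the original slides): the certificate body is readable by anyone, a signature made with the authority's private key proves origin, and an issue timestamp lets a verifier check currency. It uses toy textbook RSA signing on small known primes; the field names, `max_age` and all function names are assumptions made for illustration.

```python
import hashlib, json

# Toy textbook RSA on known Mersenne primes: illustration only, not real key sizes.
def keypair(p, q, e=65537):
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)

def digest(body, n):
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(ca_priv, name, pub, issued_at):
    """Only the holder of the authority's private key can produce sig."""
    d, n = ca_priv
    body = {"name": name, "pub": list(pub), "issued_at": issued_at}
    return {"body": body, "sig": pow(digest(body, n), d, n)}

def verify(ca_pub, cert, now, max_age=3600):
    """Return ((name, pub), "ok") or (None, reason). Needs only the CA public key."""
    e, n = ca_pub
    body = cert["body"]
    if pow(cert["sig"], e, n) != digest(body, n):
        return None, "bad signature"          # counterfeit or altered body
    if not 0 <= now - body["issued_at"] <= max_age:
        return None, "not current"            # stale or future-dated
    return (body["name"], tuple(body["pub"])), "ok"
```

Verification never contacts the authority, which is what removes the on-line bottleneck; the price is that currency can only be judged from the timestamp carried in the certificate.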

Public Key Distribution (cont’d)
Public-key certificates (cont’d)
– advantages
  – to use certificates that can be used by participants to exchange keys without contacting a public-key authority in a way that is as reliable as if the key were obtained directly from a public-key authority
  – no on-line bottleneck effect
– disadvantages: need of a certificate authority