Minimizing the number of keys for secure communication in a network By Niels Duif

Remarks
• Ask questions
• Proof by example
/ Department of Mathematics and Computer Science

Contents
• Introduction
• Splitting a message
• Constructions
• Combining constructions
• Conclusions

Introduction
• Network
• Symmetric cryptography
[Figure: Alice, Bob, Chris and Eve on a network. Alice and Bob have the common key kAB. The message "Hi!" appears as "z$#" while in transit and as "Hi!" again at the other end; Eve is shown with "?".]
[Figure: the same network with common keys kAB, kBC and kCE.]

Communication graph
• Persons are represented by nodes
• Nodes that have one or more keys in common are connected by a line
• The lines are labelled with the common keys
[Figure: Alice, Bob, Chris and Eve joined by lines labelled kAB, kBC, kCE; then the same graph with nodes A, B, C, E and keys 1, 2, 3.]

Communication graph
• Nodes may have more than one key in common
[Figure: nodes A (1,2,5), B (1,4,5), C (2,3), D (3,4); lines labelled with the common keys 1, 2, 3, 4, 5.]

How to assign keys?
• Give every pair of nodes a different key
• This requires keys for n nodes
[Figure: nodes A, B, C, D, E.]

Using fewer keys
• Is secure communication possible with fewer keys?
• Yes, assuming that some nodes may be trusted
• Assumption: at most t nodes cannot be trusted
• Aim: minimize the total number of keys, c

Splitting a message
• Split a message and send it through different paths
• Example: communication from A to D
[Figure: nodes A (1,2), B (1,4), C (2,3), D (3,4); lines labelled with the common keys 1, 2, 3, 4; "part 1" is marked at line 1 and "part 2" at line 2.]

Splitting a message
• Determine random shares: $M_1, M_2, \ldots, M_{s-1}$
• Use bitwise addition mod 2: "$\oplus$", or "XOR"
• $M_s = M_1 \oplus M_2 \oplus \cdots \oplus M_{s-1} \oplus M$
• $M_1 \oplus M_2 \oplus \cdots \oplus M_{s-1} \oplus M_s = M$

Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000

Sending a message
[Figure: nodes A (1,2), B (1,4), C (2,3), D (3,4); lines labelled with the common keys 1, 2, 3, 4; M1 is marked at line 1 and M2 at line 2.]

Retrieving a message
• The message is retrieved as the XOR of all shares: $M = M_1 \oplus M_2 \oplus \cdots \oplus M_s$
• All shares are needed to retrieve the message
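
The split and retrieve steps above as runnable code; this is an added example, not part of the original slides. It checks the slide's own 'Hi!' values and shows why all shares are needed: for any s-1 shares, every candidate message is matched by some missing share. The function names are chosen here for illustration.

```python
import secrets
from functools import reduce

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise addition mod 2 of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("shares must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def split(message: bytes, s: int) -> list:
    """Return s shares: s-1 random ones, then M_s = M_1 ^ ... ^ M_{s-1} ^ M."""
    if s < 2:
        raise ValueError("need at least two shares")
    shares = [secrets.token_bytes(len(message)) for _ in range(s - 1)]
    shares.append(reduce(xor_bytes, shares, message))
    return shares

def combine(shares: list) -> bytes:
    """Retrieve the message as the XOR of all shares."""
    return reduce(xor_bytes, shares)

def explain_away(partial: list, candidate: bytes) -> bytes:
    """The missing share under which `partial` would decode to `candidate`."""
    return reduce(xor_bytes, partial, candidate)

def octets(text: str) -> bytes:
    """Parse space-separated binary octets as written on the slide."""
    return bytes(int(o, 2) for o in text.split())

# Values copied from the slide's 'Hi!' example.
M0 = octets("01001000 01101001 00100001")
M1 = octets("11101101 11101111 10010001")
M2 = octets("10100101 10000110 10110000")

if __name__ == "__main__":
    print("slide shares combine to:", combine([M1, M2]))
    shares = split(b"Hi!", 4)
    print("four fresh shares combine to:", combine(shares))
    partial = shares[:-1]  # an eavesdropper holding all but one share
    for guess in (b"Hi!", b"Bye", b"???"):
        fake = explain_away(partial, guess)
        print(guess, "is consistent:", combine(partial + [fake]) == guess)
```
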

Constructions for t=1
• One corrupt node
• The total number of keys is c
• How large can n be?

Sperner’s theorem
• n is at most
• This uses all possible key sets of size

Example
• Communication from A to F
• Use all possible combinations of A’s and F’s keys
[Figure: nodes A (1,2), B (1,3), C (1,4), D (2,3), E (2,4), F (3,4); keys 1, 2, 3, 4.]

Eavesdrop
The following keys are needed:
• Key 1 or Key 3
• Key 1 or Key 4
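
The A-to-F example and the eavesdropping conditions, worked through in code; this is an added example, not part of the original slides. It assumes each share travels sender to relay under one of the sender's keys and relay to receiver under one of the receiver's keys, and that an eavesdropper sees all traffic; the function names and the generalisation to k-element key sets are introduced here.

```python
from itertools import combinations, product

def build_nodes(c: int, k: int) -> dict:
    """Name every k-subset of the keys 1..c as a node: A, B, C, ..."""
    subsets = combinations(range(1, c + 1), k)
    return {chr(ord("A") + i): frozenset(s) for i, s in enumerate(subsets)}

def routes(nodes: dict, src: str, dst: str) -> list:
    """One share per (src key, dst key) pair, relayed by a node holding both."""
    if nodes[src] & nodes[dst]:
        raise ValueError("sketch covers endpoints with disjoint key sets only")
    plan = []
    for a, f in product(sorted(nodes[src]), sorted(nodes[dst])):
        relay = next(n for n, ks in nodes.items() if {a, f} <= ks)
        plan.append((a, relay, f))
    return plan

def readable_shares(keys, plan: list) -> int:
    """Assumed model: a share is exposed to whoever holds the key of either hop."""
    return sum(1 for a, _, f in plan if a in keys or f in keys)

def full_readers(nodes: dict, src: str, dst: str) -> list:
    """Third parties whose own keys expose every share, i.e. the whole message."""
    plan = routes(nodes, src, dst)
    return sorted(n for n, ks in nodes.items()
                  if n not in (src, dst) and readable_shares(ks, plan) == len(plan))

if __name__ == "__main__":
    nodes = build_nodes(4, 2)  # the slide's A (1,2) ... F (3,4)
    plan = routes(nodes, "A", "F")
    for a, relay, f in plan:
        print(f"A --key {a}--> {relay} --key {f}--> F   needs key {a} or key {f}")
    for name in "BCDE":
        print(name, "reads", readable_shares(nodes[name], plan), "of", len(plan))
    print("single nodes that read everything:", full_readers(nodes, "A", "F"))
    print("B and E colluding read", readable_shares(nodes["B"] | nodes["E"], plan))
```

Every single relay is left one share short, while B and E together hold all four keys, which is why the construction is stated for t=1.
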