1 / 44

Key Exchange

Key Exchange. We talk about symmetric keys here The problem is almost circular: To establish an encrypted session, you need an encrypted means to exchange keys. Key Exchange. Public Key cryptography can help ?!

Download Presentation

Key Exchange

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Key Exchange We talk about symmetric keys here The problem is almost circular: To establish an encrypted session, you need an encrypted means to exchange keys.

  2. KeyExchange • Public Key cryptography can help ?! • To see how, suppose S:(Sender) and R:(Receiver) want to derive a shared symmetric key, remember that S and R have their own keys and their each others public keys • Skeys are (kPR-S, kPU-S) plusR’s public key • Rkeys are (kPR-R, kPU-R) plusS’spublic key • Then, suppose that • S chooses any symmetric key K • S sends E(kPR-S,K) to R • R takes S’s public key, removes the encryption, and obtains K • OOPS, any eavesdropper who can get S’spublic key can also obtain K • let S send E(kPU-R, K)to R. Then, only Rcan decryptK • OOPS,Rhas no assurance that Kcame from S • The solution is for S to send to R: E(kPU-R, E(kPR-S, K))

  3. KeyExchange • E(kPU-R, E(kPR-S, Message))

  4. Digital Signatures

  5. Very easy to make copies • Very fast distribution • Easy archiving and retrieval • Copies are as good as original • Easily modifiable • Environmental Friendly Electronic Record Because of 4 & 5 together, these lack authenticity

  6. Why Digital Signatures? • To provide Authenticity, Integrity and Non-repudiation to electronic Documents & Communicated Messages • To use the Internet as the safe and secure medium for e-Commerce and e-Governance

  7. DigitalSignatures • A digital signature is a protocol that produces the same effect as a real signature: • It is a mark that only the sender can make • but other people can easily recognize that it belongs to the sender • Two conditions • It must be unforgeable: • If person P signs message M with signature S(P,M), it is impossible for anyone else to produce the pair [M, S(P,M)] • It must be authentic: • If a person R receives the pair[M, S(P,M)]supposedly from P, then R can check/verify that the signature is really from P • Only P could have created this signature, and the signature is firmly attached to M

  8. DigitalSignatures • Two more properties • It is not alterable: after being transmitted, M cannot be changed by S, R, or an interceptor. • It is not reusable: if a previous message presented again will be instantly detected by R.

  9. I agree efcc61c1c03db8d8ea8569545c073c814a0ed755 I am an Engineer. ea0ae29b3b2c20fc018aaca45c3746a057b893e7 Digital Signatures I am a Engineer. 01f1d8abd9c2e6130870842055d97d315dff1ea3 • These are digital signatures of the same person on different documents • Any message irrespective of its length can be compressed or shortened uniquely into a smaller length message called the Digest or the Hash. • Digital Signatures are numbers • They are document content dependent

  10. What is Digital Signature? • Hash value of a message: • when encrypted with the private key of a person is his digital signature on that e-Document/Message • Digital Signature of a person therefore varies from document to document • thus ensuring authenticity of each word of that document. • As the public key of the signer is known, • anyone can verify the message and the digital signature

  11. Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making digital signature Public Key – Used to verify the digital signature

  12. Public Key Cryptography Encryption Technologies Confidentiality Document Document Encrypted Document Encrypted Document Public Key of B Private Key of B

  13. RSA Key pair Recommended RSA key sizes depending on lifetime of confidential data [2048 bit Key Example (including Algorithm identifier)] Private Key 3082 010a 0282 0101 00b1 d311 e079 5543 0708 4ccb 0542 00e2 0d83 463d e493 bab6 06d3 0d59 bd3e c1ce 4367 018a 21a8 efbc ccd0 a2cc b055 9653 8466 0500 da44 4980 d854 0aa5 2586 94ed 6356 ff70 6ca3 a119 d278 be68 2a44 5e2f cfcc 185e 47bc 3ab1 463d 1ef0 b92c 345f 8c7c 4c08 299d 4055 eb3c 7d83 deb5 f0f7 8a83 0ea1 4cb4 3aa5 b35f 5a22 97ec 199b c105 68fd e6b7 a991 942c e478 4824 1a25 193a eb95 9c39 0a8a cf42 b2f0 1cd5 5ffb 6bed 6856 7b39 2c72 38b0 ee93 a9d3 7b77 3ceb 7103 a938 4a16 6c89 2aca da33 1379 c255 8ced 9cbb f2cb 5b10 f82e 6135 c629 4c2a d02a 63d1 6559 b4f8 cdf9 f400 84b6 5742 859d 32a8 f92a 54fb ff78 41bc bd71 28f4 bb90 bcff 9634 04e3 459e a146 2840 8102 0301 0001 Public Key 3082 01e4 f267 0142 0f61 dd12 e089 5547 0f08 4ccb 0542 00e2 0d83 463d e493 bab6 0673 0d59 bf3e c1ce 4367 012a 11a8 efbc ccd0 a2cc b055 9653 8466 0500 da44 4980 d8b4 0aa5 2586 94ed 6356 ff70 6ca3 a119 d278 be68 2a44 5e2f cfcc 185e 47bc 3ab1 463d 1df0 b92c 345f 8c7c 4c08 299d 4055 eb3c 7d83 deb5 f0f7 8a83 0ea1 4cb4 3aa5 b35f 5a22 97ec 199b c105 68fd e6b7 a991 942c e478 4824 1a25 193a eb95 9c39 0a8a cf42 b250 1cd5 5ffb 6bed 6856 7b39 2c72 38b0 ee93 a9d3 7b77 3ceb 7103 a938 4a16 6c89 2aca da33 1379 c255 8ced 9cbb f2cb 5b10 f82e 6135 c629 4c2a d02a 63d1 6559 b4f8 cdf9 f400 84b6 5742 859d 32a8 f92a 54fb ff78 41bc bd71 28f4 bb90 bcff 9634 04de 45de af46 2240 8410 02f1 0001

  14. Signed Message Hash Signed Messages Calculated Hash Message Sent thru’ Internet Message + signature Message + Signature if OK Signatures verified COMPARE Hash SIGN hash With Sender’s Private key Decrypt Signature With Sender’s Public Key Receiver Sender

  15. Paper signatures vs. Digital Signatures

  16. Private Key Protection • The Private key generated is to be protected and kept secret. • The responsibility of the secrecy of the key lies with the owner. • The key is secured using • PIN Protected soft token • Smart Cards • Hardware Tokens

  17. PIN protected soft tokens • The Private key is encrypted and kept on the Hard Disk in a file, this file is password protected. • This forms the lowest level of security in protecting the key, as • The key is highly reachable. • PIN can be easily known or cracked. • Soft tokens are also not preferred because • The key becomes static and machine dependent. • The key is in known file format.

  18. Smart Cards • The Private key is generated in the crypto module residing in the smart card. • The key is kept in the memory of the smart card. • The key is highly secured as it doesn’t leave the card, the message digest is sent inside the card for signing, and the signatures leave the card. • The card gives mobility to the key and signing can be done on any system.(Having smart card reader)

  19. Hardware Tokens • They are similar to smart cards in functionality as • Key is generated inside the token. • Key is highly secured as it doesn’t leave the token. • Highly portable. • Machine Independent. • iKEY is one of the most commonly used token as it doesn’t need a special reader and can be connected to the system using USB port.

  20. Hardware Tokens Smart Card iKey Biometrics – adds another level of security to these tokens

  21. Public Key Deception • Impostor/Deceiver Claims to be a True Party • True party has a public and private key • Impostor/Deceiveralso has a public and private key • Impostor sends impostor’s own public key to the verifier • Says, “This is the true party’s public key” • This is the critical step in the deception

  22. Public Key Deception • If verifier accepts the impostor’s public key as the true party’s public key, • Impostor will be authenticated through any public key authentication method, because their private key will work • Impostor can also decrypt messages sent by the verifier if these messages are encrypted with the impostor’s public key

  23. Public Key Deception • Moral: • Public key encryption for privacy, confidentiality, authentication, and message integrity only works if • The verifier gets the true party’s public key independently of the applicant, • From a trusted third party

  24. Digital Certificates • Created by a Certificate Authority (CA) • Certificate Authority is the trusted third party Certificate Authority Digital Certificate Authenticated Party

  25. Public Key Infrastructure (PKI) • Some Trusted Agency is required which certifies the association of an individual with the key pair. Certifying Authority (CA) • This association is done by issuing a certificate to the user by the CA Public Key Certificate (PKC) • All public key certificates are digitally signed by the CA

  26. Digital Certificates • A public key and user's identity are bound together in a certificate, which is then signed by someone called a Certificate Authority (CA) • Certifying the accuracy of the binding. • The algorithms to generate a matched pair of public and private keys are publicly known, and software that does it is widely available. • So if Alice wanted to use a public key cipher, she could generate her own pair of public and private keys, • keep the private key hidden, and publicize the public key. • But how can she publicize her public key— assert that it belongs to her—in such a way that other participants can be sure it really belongs to her?

  27. Digital Certificates • A complete scheme for certifying bindings betweenpublic keys and identities— what key belongs to who—is called a Public Key Infrastructure (PKI). • A PKI starts with the ability to verify identities and bind them to keys out of band. By “out of band,” we mean something outside the network and the computers that comprise it, such as in the following scenarios. • Himmm, if Alice and Bob are individualswho know each other, then they could get together in the same room and Alice could give her public key to Bob directly, perhaps on a business card. • If Bob is an organization, Alice the individual could present conventional identification, perhaps involving a photograph or fingerprints. • If Alice and Bob are computersowned by the same company, then a system administrator could configure Bob with Alice’s public key. • A digitally signed statement of a public key binding is called a public key certificate, or simply a Certificate

  28. Digital Certificates • One of the major standards for certificates is known as X.509. This standard leaves a lot of details open, but specifies a basic structure. • A certificate clearly must include: • the identity of the entity being certified • the public key of the entity being certified • the identity of the signer • the digital signature • a digital signature algorithm identifier • (which cryptographic hash and which cipher)

  29. Certificates: Paper vs. Electronic Paper Electronic

  30. Certificate Authorities • Unfortunately, certificate authorities are not regulated • You must only use certificate authorities you trust • Company can be its own certificate authority for internal authentication among its hardware and software systems

  31. Certification Authorities • A certification authority or certificate authority (CA) is an entity claimed (by someone) to be trustworthy for verifying identities and issuing public key certificates. • There are commercial CAs, governmental CAs, and even free CAs. • To use a CA, you must know its own key. You can learn that CA’s key, however, if you can obtain a chain of CA-signed certificates that starts with a CA whose key you already know. • Then you can believe any certificate signed by that new CA

  32. Certifying Authority • Must be widely known and trusted • Must have well defined Identification process before issuing the certificate • Provides online access to all the certificates issued • Provides online access to the list of certificates revoked • Displays online the license issued by the Controller • Displays online approved Certification Practice Statement (CPS) • Must adhere to IT Act/Rules/Regulations and Guidelines

  33. Serial No. User Name User’s Email Address User’s Public Key CA’s Name Certificate Class Validity Digital Signature of CA Public-Key Certification User Certificate Certificate Database User Name & other credentials Signed by using CA’s private key Certificate Request License issued by CCA Publish User 1 certificate User 2 certificate . User’s Public key Public Public Web site of CA Private Key pair Generation

  34. Digital Certificates • Each digital certificate has its own digital signature, signed (encrypted) by the private key of the certificate authority • Provides message integrity so that an impostor cannot change the name field in the digital certificate to its own

  35. Digital Certificates • Certificate authorities may revoke digital certificates before the expiration date listed in the digital certificate • Revoked certificate ID numbers are placed in a Certificate Revocation List (CRL) • Verifier must check with the certificate authority to determine if a digital certificate is on the CRL • Without the CRL check, digital certificates do not support authentication

  36. Digital Certificates • Recap • A digital signature gives the public key of a named party • This is needed for public key authentication, to prevent public key deception • However, a digital certificate alone does NOT provide authentication

  37. Public Key Infrastructures (PKIs) Private key creation and distribution Digital certificate creation and distribution Certificate Revocation List checking

  38. PKIs • To use public key methods, an organization must establish a comprehensive Public Key Infrastructure (PKI) • A PKI automates most aspects of using public key encryption and authentication • Uses a PKI Server PKI Server

  39. PKIs • PKI Server Creates (Public Key , Private Key) Pairs • Distributes private keys to applicants securely • Often, private keys are embedded in delivered software Private Key PKI Server

  40. PKIs • PKI Server Provides Certificate Revocation List (CRL) Checks • Distributes digital certificates to verifiers • Checks Certificate Revocation List before sending digital certificates Digital Certificate PKI Server

  41. PKIs • CRL Checks • If applicant gives verifier a digital certificate, • The verifier must check the certificate revocation list CRL PKI Server OK? OK or Revoked

  42. Role of controller • Controller of Certifying Authorities as the “Root” Authority certifies the technologies, infrastructure and practices of all the Certifying Authorities licensed to issue Digital Signature Certificates

  43. Summary • Each individual has a pair of keys • Public key of each individual is certified by a CA (Certifying Authority) • Public keys of CAs are certified by the Controller • Public key of the Controller is self certified • Public keys of everyone are known to all concerned and are also available on the web • Certification Practice Statement is displayed on the web site

  44. Key Generation • True Random Numbers • RSA Key Pair [Private/Public Key] • i.e. 128-bits for symmetric key algorithms • i.e. at least 2048-bits for public-key algorithms. • Digital Signature • Generate Message Digest [i.e. SHA1] • Encrypting Digest using Private Key [Signatures] • Attaching the Signatures to the message. • Verification of Signatures • Run the test for Authentication, Integrity and Non-repudiation. • Digital Signature Certificate • i.e. ITU X.509 v3 • A digital certificate is necessary for a digital signature because it provides the public key that can be used to validate the private key that is associated with a digital signature. • Digital certificates make it possible for digital signatures to be used as a way to authenticate digital information.

More Related