1 / 72

Key Management, Message Authentication, Hash Function &

Key Management, Message Authentication, Hash Function &. Key Management. In cryptography, key management includes all of the provisions made in a cryptosystem design, in cryptographic protocols in that design, in user procedures, and so on, which are related to generation,

Download Presentation

Key Management, Message Authentication, Hash Function &

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Key Management, Message Authentication, Hash Function &

  2. Key Management In cryptography, key management includes all of the provisions made in a cryptosystem design, in cryptographic protocols in that design, in user procedures, and so on, which are related to generation, exchange, storage, safeguarding, use, vetting, and replacement of keys. There is a distinction between key management, which concerns keys at the users' level (i.e., passed between systems or users or both), and key scheduling which is usually taken to apply to the handling of key material within the operation of a cipher.

  3. Scenario

  4. Scenario

  5. KEY MANAGEMENT We never discussed how secret keys in symmetric-key cryptography and how public keys in asymmetric-key cryptography are distributed and maintained. In this section, we touch on these two issues. We first discuss the distribution of symmetric keys; we then discuss the distribution of asymmetric keys. Topics discussed in this section: Symmetric-Key DistributionPublic-Key Distribution

  6. Class Discussion • A small club has only 100 members. • How many secret keys are needed if all members of the club need to send secret messages to each other? • How many secret keys are needed if everyone trusts the presidents of the club? If a member needs to send a message to another member, she first sends it to president; the president then sends the message to another member. • How many secret keys are needed if the president decides that the two members who need to communicate should contact him first? The president then created a temporary key to be used between the two. Temporary key is encrypted and sent to both members.

  7. Key Management Key Management on Symmetric-key

  8. Key Distribution Centre

  9. Note A session symmetric key between two parties is used only once.

  10. Creating a session key between Alice and Bob using KDC

  11. Kerberos servers

  12. Kerberos example More Details In Week 5

  13. Example 1 - Question • Suppose Alice, Bob, Buffy and Spike want to communicate with one another securely. Using symmetric cryptography how many unique keys must be distributed to make this possible?

  14. Example 1 - Answer • Suppose Alice, Bob, Buffy and Spike want to communicate with one another securely. Using symmetric cryptography how many unique keys must be distributed to make this possible? • (Private key cryptography requires pair-wide key exchange. This is N(N-1)/2 or, in this case, 6 different keys.

  15. Key Management Key Management on Asymmetric-key

  16. Key Management • public-key encryption helps address key distribution problems • have two aspects of this: • distribution of public keys • use of public-key encryption to distribute secret keys This is one of the most critical areas in security systems - on many occasions systems have been broken, not because of a poor encryption algorithm, but because of poor key selection or management. It is absolutely critical to get this right!

  17. Note In public-key cryptography, everyone has access to everyone’s public key; public keys are available to the public.

  18. Distribution of Public Keys • can be considered as using one of: • Public announcement • Publicly available directory • Public-key authority • Public-key certificates

  19. Announcing a public key / public Announcement local newspaper website

  20. Announcing a public key / public Announcement • users distribute public keys to recipients or broadcast to community at large • eg. append PGP keys to email messages or post to news groups or email list • major weakness is forgery: • anyone can create a key claiming to be someone else and broadcast it • until forgery is discovered can masquerade as claimed user • Example: • Eve could make such a public announcement, before bob can react, damage could be done. • Eve can fool Alice into sending her message that is intended for Bob. • Eve could also sign a document with a corresponding forged private key and make everyone believe it was assigned by Bob. • The approach is also vulnerable if Alice directly request Bob’s public key. Eve can intercept Bob’s response and substitute her own forged public key for Bob’s public key.

  21. Distribution of Public Keys • can be considered as using one of: • Public announcement • Publicly available directory • Public-key authority • Public-key certificates

  22. Trusted center / Publicly Available Directory Trusted centre retain a directory keys.

  23. Trusted center / Publicly Available Directory • can obtain greater security by registering keys with a public directory • directory must be trusted with properties: • contains {name, public-key} entries • participants register securely with directory • participants can replace key at any time • directory is periodically published • directory can be accessed electronically • still vulnerable to tampering or forgery

  24. Distribution of Public Keys • can be considered as using one of: • Public announcement • Publicly available directory • Public-key authority • Public-key certificates

  25. Controlled trusted center /Publicly Key Authority

  26. Controlled trusted center /Publicly Key Authority • improve security by tightening control over distribution of keys from directory • has properties of directory • and requires users to know public key for the directory • then users interact with directory to obtain any desired public key securely • does require real-time access to directory when keys are needed

  27. Controlled trusted center /Publicly Key Authority

  28. Distribution of Public Keys • can be considered as using one of: • Public announcement • Publicly available directory • Public-key authority • Public-key certificates

  29. Certification authority / Public-Key Certificates

  30. Certification authority / Public-Key Certificates • certificates allow key exchange without real-time access to public-key authority • a certificate binds identity to public key • usually with other info such as period of validity, rights of use etc • with all contents signed by a trusted Public-Key or Certificate Authority (CA) • can be verified by anyone who knows the public-key authorities public-key

  31. Certification authority / Public-Key Certificates

  32. Public-Key Distribution of Secret Keys • use previous methods to obtain public-key • can use for secrecy or authentication • but public-key algorithms are slow • so usually want to use private-key encryption to protect message contents • hence need a session key • have several alternatives for negotiating a suitable session

  33. Simple Secret Key Distribution • proposed by Merkle in 1979 • A generates a new temporary public key pair • A sends B the public key and their identity • B generates a session key K sends it to A encrypted using the supplied public key • A decrypts the session key and both use • problem is that an opponent can intercept and impersonate both halves of protocol

  34. Simple Secret Key Distribution • Simple use of public-key encryption to establish a session key. • A generates a public/private key pair {PUa, PRa} and transmits a message to B consisting of PUa and an identifier of A, IDA. • B generates a secret key, Ks, and transmits it to A, encrypted with A's public key. • A computes D(PRa, E(PUa, Ks)) to recover the secret key. Because only A can decrypt the message, only A and B will know the identity of Ks. • A discards PUa and PRa and B discards PUa.

  35. Public-Key Distribution of Secret Keys • if have securely exchanged public-keys:

  36. Public-Key Distribution of Secret Keys • if have securely exchanged public-keys: • A uses B's public key to encrypt a message to B containing an identifier of A (IDA) and a nonce (N1), which is used to identify this transaction uniquely. • B sends a message to A encrypted with PUa and containing A's nonce (N1) as well as a new nonce generated by B (N2) Because only B could have decrypted message (1), the presence of N1 in message (2) assures A that the correspondent is B. • A returns N2 encrypted using B's public key, to assure B that its correspondent is A. • A selects a secret key Ks and sends M = E(PUb, E(PRa, Ks)) to B. Encryption of this message with B's public key ensures that only B can read it; encryption with A's private key ensures that only A could have sent it. • B computes D(PUa, D(PRb, M)) to recover the secret key.

  37. Public-Key Algorithms • Diffie Hellman Key-Exchange • Elliptic Curve Arithmetic • Elliptic Curve Cryptography

  38. Diffie-Hellman Key Exchange • first public-key type scheme proposed • by Diffie & Hellman in 1976 along with the exposition of public key concepts • note: now know that James Ellis (UK CESG) secretly proposed the concept in 1970 • is a practical method for public exchange of a secret key • used in a number of commercial products

  39. Diffie-Hellman Key Exchange • a public-key distribution scheme • cannot be used to exchange an arbitrary message • rather it can establish a common key • known only to the two participants • value of key depends on the participants (and their private and public key information) • based on exponentiation in a finite (Galois) field (modulo a prime or a polynomial) - easy • security relies on the difficulty of computing discrete logarithms (similar to factoring) – hard

  40. Diffie-Hellman Setup • all users agree on global parameters: • large prime integer or polynomial q • α a primitive root mod q • each user (eg. A) generates their key • chooses a secret key (number): xA < q • compute their public key: yA = αxA mod q • each user makes public that key yA

  41. Diffie-Hellman Key Exchange • shared session key for users A & B is KAB: KAB = αxA.xB mod q = yAxB mod q (which B can compute) = yBxA mod q (which A can compute) • KAB is used as session key in private-key encryption scheme between Alice and Bob • if Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public-keys • attacker needs an x, must solve discrete log

  42. Diffie-Hellman Example • users Alice & Bob who wish to swap keys: • agree on prime q=353 and α=3 • select random secret keys: • A chooses xA=97, B chooses xB=233 • compute public keys: • yA=397 mod 353 = 40 (Alice) • yB=3233 mod 353 = 248 (Bob) • compute shared session key as: KAB= yBxA mod 353 = 24897 = 160 (Alice) KAB= yAxB mod 353 = 40233 = 160 (Bob)

  43. Key Management Message Authentication

  44. Message Authentication • message authentication is concerned with: • protecting the integrity of a message • validating identity of originator • non-repudiation of origin (dispute resolution) • will consider the security requirements • then three alternative functions used: • message encryption • message authentication code (MAC) • hash function

  45. Security Requirements • disclosure • traffic analysis • masquerade • content modification • sequence modification • timing modification • source repudiation • destination repudiation

  46. Message Authentication

  47. Message Encryption Message Authentication Message Encryption Message Authentication Code Hash Function

  48. Message Encryption • message encryption by itself also provides a measure of authentication • if symmetric encryption is used then: • receiver know sender must have created it • since only sender and receiver now key used • know content cannot of been altered • if message has suitable structure, redundancy or a checksum to detect any changes

  49. Message Encryption • if public-key encryption is used: • encryption provides no confidence of sender • since anyone potentially knows public-key • however if • sender signs message using their private-key • then encrypts with recipients public key • have both secrecy and authentication • again need to recognize corrupted messages • but at cost of two public-key uses on message

  50. Key Management Message Authentication Message Authentication: Message Encryption Message Authentication: Message Authentication Code Message Authentication: Hash functions

More Related