1. CS457/546a 1 Chapter 2 roadmap
2.1 What is network security?
2.2 Principles of cryptography
2.3 Authentication
2.4 Integrity
2.5 Key distribution and certification
2.6 Access control: firewalls
2.7 Attacks and countermeasures
2.8 Security in many layers
2. Key Distribution and Certification
At many points so far, we have run into problems with using cryptography for network security.
How can we securely store and distribute key and password information?
How can we certify that keys and passwords are safe and to be trusted?
To solve these issues, we make use of a variety of trusted intermediaries.
3. Trusted Intermediaries
Symmetric key problem:
How do two entities establish shared secret key over network?
Solution:
trusted key distribution center (KDC) acting as intermediary between entities
Public key problem:
When Alice obtains Bob’s public key (from web site, e-mail, diskette), how does she know it is Bob’s public key, not Trudy’s?
Solution:
trusted certification authority (CA)
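The symmetric-key solution above, sketched as an added example that is not part of the original slides: each entity shares a long-term key only with the KDC, which issues a fresh session key sealed once for the requester and once, as a ticket, for the peer. The names `KDC`, `seal`, `unseal` and `establish` are hypothetical, and the HMAC-based cipher is a toy stand-in for a real authenticated cipher.

```python
import hashlib, hmac, json, secrets

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor(key, nonce, data):
    # Toy keystream from HMAC-SHA256 in counter mode (stand-in for a real cipher).
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(_prf(key, b"enc", nonce + i.to_bytes(4, "big")) for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, obj):
    """Encrypt-then-MAC a JSON-serialisable object under `key`."""
    nonce = secrets.token_bytes(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + _prf(key, b"mac", nonce + ct)

def unseal(key, blob):
    """Verify the tag first; only a holder of `key` gets the plaintext."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac", nonce + ct)):
        raise ValueError("wrong key or tampered message")
    return json.loads(_xor(key, nonce, ct))

class KDC:
    """Trusted intermediary holding one long-term key per registered entity."""
    def __init__(self):
        self._keys = {}

    def register(self, name):
        self._keys[name] = secrets.token_bytes(32)
        return self._keys[name]  # assumed delivered to the entity out of band

    def request_session(self, requester, peer):
        session = secrets.token_hex(16)  # fresh shared secret for this pair
        ticket = seal(self._keys[peer], {"from": requester, "key": session})
        return seal(self._keys[requester],
                    {"peer": peer, "key": session, "ticket": ticket.hex()})

def establish(kdc, requester, k_requester, peer, k_peer):
    """Return (requester's view, peer's view) of the new session."""
    reply = unseal(k_requester, kdc.request_session(requester, peer))
    ticket = bytes.fromhex(reply["ticket"])  # forwarded to the peer unchanged
    return reply, unseal(k_peer, ticket)

if __name__ == "__main__":
    kdc = KDC()
    ka, kb = kdc.register("alice"), kdc.register("bob")
    a, b = establish(kdc, "alice", ka, "bob", kb)
    print(a["key"] == b["key"], b["from"])
```

This sketch carries no timestamps or challenge nonces, so it does not by itself detect a replayed ticket.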