Key Establishment Techniques: Key Distribution and Key Agreement

Key Establishment Techniques: Key Distribution and Key Agreement. Wade Trappe. Key Establishment: The problem. Securing communication requires that the data is encrypted before being transmitted. Associated with encryption and decryption are keys that must be shared by the participants.

Presentation Transcript


  1. Key Establishment Techniques: Key Distribution and Key Agreement. Wade Trappe

  2. Key Establishment: The problem
     • Securing communication requires that the data is encrypted before being transmitted.
     • Associated with encryption and decryption are keys that must be shared by the participants.
     • The problem of securing the data then becomes the problem of securing the establishment of keys.
     • Task: If the participants do not physically meet, then how do the participants establish a shared key?
     • Two types of key establishment:
       • Key Agreement
       • Key Distribution

  3. Key Distribution
     • Key Agreement protocols: the key isn’t determined until after the protocol is performed.
     • Key Distribution protocols: one party generates the key and distributes it to Bob and/or Alice (Shamir’s 3-pass, Kerberos).
     • Shamir’s Three-Pass Protocol:
       • Alice generates and Bob generates .
       • A key K is distributed by:
     [Diagram labels: Alice, Bob, "Bob Calculates:"]

  4. Basic TTP Key Distribution
     [Diagram labels: KDC, Ka, Kb, Step 1 to Step 5]
     1. A Sends: $\{\mathrm{Request} \| ID_A \| ID_B \| N_1\}$
     2. KDC Sends: $E_{K_a}[K_{AB} \| \{\mathrm{Request} \| ID_A \| ID_B \| N_1\} \| E_{K_b}(K_{AB}, ID_A)]$
     3. A Sends: $E_{K_b}(K_{AB}, ID_A)$
     4. B Sends: $E_{K_{AB}}(N_2)$
     5. A Sends: $E_{K_{AB}}(f(N_2))$

  5. Key Agreement
     • In many scenarios, it is desirable for two parties to exchange messages in order to establish a shared secret that may be used to generate a key.
     • The Diffie-Hellman (DH) protocol is a basic tool used to establish shared keys in two-party communication.
     • Two parties, A and B, establish a shared secret by:
     • The security of the DH scheme is based upon the intractability of the Diffie-Hellman Problem:
       • Given a prime p, a generator g of , and elements and , it is computationally difficult to find .
     • The Diffie-Hellman scheme can be extended to work on arbitrary groups (e.g. Elliptic Curves).

  6. Intruder In The Middle
     • The Intruder-in-the-Middle attack on Diffie-Hellman is based upon the following strategy to improve one’s chess ranking:
       • Eve challenges two grandmasters, and uses GM1’s moves against GM2. Eve can either win one game, or tie both games.
     • Eve has and can perform the Intruder-in-the-Middle attack by:
     [Diagram, columns Alice, Eve, Bob. Labels: "Begins DH" (twice), "Calculates" (three times), "Encrypts data with $K_{AE}$", "Decrypts data with $K_{AE}$, uses data and encrypts with $K_{BE}$", "Decrypts data with $K_{BE}$"]

  7. Station-to-Station Protocol
     • Digital signatures can be used to prevent this protocol failure (STS Protocol).
     • A digital signature is a scheme that ties a message and its author together.
     • Private sig( ) function and Public ver( ) function.
     [Diagram, Alice and Bob. Labels: "Calculates" (twice), "Decrypts to get:", "Verifies sig" (twice)]

  8. N-to-N Group Key Establishment
     • Many group scenarios require contributory key establishment protocols.
     • 1-to-1 Key Establishment: Diffie-Hellman (DH) protocol
       • Two parties, A and B, establish a shared secret by:
     • Extensions to multi-user scenarios:
       • Ingemarsson: Requires N-1 rounds and $O(N^2)$ exponentiations
       • Burmester-Desmedt: Requires 2 rounds but full broadcast
       • GDH (Steiner et al.): Requires N rounds and $O(N)$ exp.

  9. Butterfly Group Diffie-Hellman
     • Example:
       [Diagram: users u1 u2 u3 u4 u5 u6 u7 u8]
     • Can be extended to arbitrary radix b using Ingemarsson as the basic building block.
     • Total Rounds:
     • Total Messages:
     • Optimal radix in both cases is 2.

  10. The Conference Tree
      • Group key formation procedure is described by:
        • Communication flow diagram
        • Conference Tree
      • Conference tree describes the subgroups and subgroup keys.
      [Diagram: conference tree with key labels Ke; K0, K1; K00, K01, K10, K11; K000, K001, K010, K011, K100, K101, K110, K111; users u1 to u8]

  11. Making Primes
      • Fact: Let n be an odd prime and let , where r is odd. Let a be any integer such that gcd(a,n)=1. Then either or for some .
      • Definition: Let n be an odd composite with . Let . If either or , for some then n is a strong pseudoprime base a, and a is a strong liar for n.
      • Fact: If n is an odd composite integer, then at most 1/4 of the numbers a are strong liars for n.
      • We can use this in a Monte-Carlo algorithm to produce “primes”:
        • Test t different a’s.
        • Probability of falsely identifying a prime is
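
The five messages of slide 4 run end to end, as an added Python example (not code from the slides). `E`/`D` are a toy SHA-256/HMAC construction standing in for the slide's cipher, and `f(N2) = N2 + 1`, the field names and the key sizes are assumptions; passing a recorded message 2 as `old_reply` shows it being rejected because its N1 does not match.

```python
import hashlib, hmac, json, os

def _pad(key, nonce, n):
    # Toy keystream: SHA-256 over key || nonce || counter (enough for short demo messages).
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest()
                    for i in range(n // 32 + 1))[:n]

def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def E(key, fields):
    """Toy authenticated encryption of a JSON-serialisable dict under `key`."""
    pt, nonce = json.dumps(fields).encode(), os.urandom(16)
    ct = bytes(x ^ y for x, y in zip(pt, _pad(key, nonce, len(pt))))
    return (nonce + ct + _tag(key, nonce + ct)).hex()

def D(key, blob):
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce + ct)):
        raise ValueError("wrong key or modified ciphertext")
    return json.loads(bytes(x ^ y for x, y in zip(ct, _pad(key, nonce, len(ct)))))

def f(n2):
    return n2 + 1                      # assumed choice for the slide's f()

def kdc_reply(kdc_keys, request):      # message 2, built by the KDC
    k_ab = os.urandom(32).hex()
    ticket = E(kdc_keys[request["IDB"]], {"KAB": k_ab, "IDA": request["IDA"]})
    return E(kdc_keys[request["IDA"]], {"KAB": k_ab, "request": request, "ticket": ticket})

def run(kdc_keys, old_reply=None):
    """One protocol run; `old_reply` substitutes a recorded message 2 for the fresh one."""
    request = {"Request": "key", "IDA": "A", "IDB": "B", "N1": os.urandom(8).hex()}  # message 1
    reply = old_reply or kdc_reply(kdc_keys, request)
    body = D(kdc_keys["A"], reply)
    if body["request"] != request:     # N1 binds the reply to this request
        raise ValueError("KDC reply does not answer the outstanding request")
    k_a = bytes.fromhex(body["KAB"])
    ticket = D(kdc_keys["B"], body["ticket"])               # message 3, opened by B
    k_b, peer = bytes.fromhex(ticket["KAB"]), ticket["IDA"]
    n2 = int.from_bytes(os.urandom(8), "big")
    challenge = E(k_b, {"N2": n2})                          # message 4, B -> A
    response = E(k_a, {"fN2": f(D(k_a, challenge)["N2"])})  # message 5, A -> B
    return reply, peer, D(k_b, response)["fN2"] == f(n2)
```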
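
A radix-2 butterfly run for the eight users of slides 9 and 10, as an added Python example (not code from the slides), which also records the conference-tree keys. The slide diagrams did not survive, so the pairing rule (partner index differs in one bit per round), the reuse of each subgroup key as the next round's exponent, the mapping of u1..u8 to leaves K000..K111, and the demo parameters `P` and `G` are assumptions; the message count is that of this model, one unicast per user per round.

```python
import secrets

P = 2**127 - 1   # constructed demo modulus (a Mersenne prime); far too small for real use
G = 3            # demo base; not checked to generate the whole group

def butterfly(exponents, p=P, g=G):
    """Run radix-2 butterfly DH; return (final keys, conference tree, rounds, messages)."""
    n = len(exponents)
    bits = n.bit_length() - 1
    if n < 2 or n != 1 << bits:
        raise ValueError("radix-2 butterfly needs a power-of-two group size")
    keys = list(exponents)
    tree = {"K" + format(i, f"0{bits}b"): k for i, k in enumerate(keys)}   # leaves
    messages = 0
    for r in range(bits):
        # Each user sends g^(current key) to the partner whose index differs in bit r.
        sent = [pow(g, k, p) for k in keys]
        keys = [pow(sent[i ^ (1 << r)], keys[i], p) for i in range(n)]
        messages += n
        for i, k in enumerate(keys):
            # Subgroup label = shared index prefix; the root is written "Ke" as on slide 10.
            prefix = format(i >> (r + 1), f"0{bits - r - 1}b") if r + 1 < bits else "e"
            tree["K" + prefix] = k
    return keys, tree, bits, messages

def demo(n=8):
    """Constructed sample run: random private exponents for u1..un."""
    exps = [secrets.randbelow(P - 3) + 2 for _ in range(n)]
    return exps, butterfly(exps)
```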
