1 / 20

KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10

KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10. KEY MANAGEMENT DIFFIE-HELLMAN KEY EXCHANGE ELLIPTIC CURVE ARITHMETIC ELLIPTIC CURVE CRYPTOGRAPHY. Two Aspects: Distribution of, Public Keys Secret Keys using PKC encryption. KEY MANAGEMENT.

nadiar
Download Presentation

KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10 • KEY MANAGEMENT • DIFFIE-HELLMAN KEY EXCHANGE • ELLIPTIC CURVE ARITHMETIC • ELLIPTIC CURVE CRYPTOGRAPHY

  2. Two Aspects: • Distribution of, • Public Keys • Secret Keys using PKC encryption KEY MANAGEMENT

  3. PUBLIC ANNOUNCEMENT • - easy to forge (e.g. append public key to email) • PUBLICLY AVAILABLE DIRECTORY • - [name,public-key], secure registration/access • PUBLIC-KEY AUTHORITY • - shared public/private key pair with each user • PUBLIC-KEY CERTIFICATES • - exchange authentic keys without contacting • authority DISTRIBUTION OF PUBLIC KEYS

  4. UNCONTROLLEDPUBLIC-KEY DISTRIBUTION

  5. PUBLIC-KEY PUBLICATION

  6. PUBLIC-KEY DISTRIBUTION SCENARIO

  7. EXCHANGE OF PUBLIC-KEY CERTIFICATES

  8. EXCHANGE OF PUBLIC-KEY CERTIFICATES • Any participant can read certificate to determine name and public key of cert. owner • Any participant can verify that cert. is not counterfeit. • Only the certificate authority can create and update certs. • Any participant can verify currency of certificate.

  9. EXCHANGE OF PUBLIC-KEY CERTIFICATES To read and verify: DKUauth[CA] = DKUauth[EKRauth[T,IDA,KUa]] = (T,IDA,KUa) Timestamp counteracts: A’s private key learned by opponent A updates private/public key pair Opponent replays old cert. to B B encrypts using old public key

  10. PKC TO ESTABLISH SESSION KEY

  11. PKC TO ESTABLISH SESSION KEY KUa and KRa discarded afterwards Advantage: No keys before or after protocol But, A [KUa,IDa] E [KUe,IDe] B B EKUe[Ks] E EKUa[Ks] A E learns Ks A and B unaware

  12. PUBLIC-KEY DISTRIBUTION OF SECRET KEYS

  13. PUBLIC-KEY DISTRIBUTION OF SECRET KEYS • N1 || N2 prevent eavesdropping • Scheme ensures confidentiality and authentication

  14. DIFFIE-HELLMAN KEY EXCHANGE

  15. DIFFIE-HELLMAN KEY EXCHANGE

  16. ELLIPTIC CURVES INSTEAD OF RSA • Replace multiplication with ’addition’ (a x a x a ….x a) mod n replaced by (a + a + a … + a) mod {elliptic curve} • Multiplicative order (size of ’circle’) replaced by #points on elliptic curve • Elliptic curve defined by cubic equation: y2 + xy = x3 + ax2 + b

  17. EXAMPLE OF ELLIPTIC CURVES

  18. ELLIPTIC CURVE E23(1,1)

  19. ECC KEY EXCHANGE

  20. ELLIPTIC CURVE vs RSA TABLE 10.2

More Related