
Trusted 3rd parties

Online Cryptography Course, Dan Boneh. Basic key exchange: Trusted 3rd parties. Key management. Problem: n users. Storing mutual secret keys is difficult. Total: O(n) keys per user. A better solution: Online Trusted 3rd Party (TTP).

suzy

Presentation Transcript


  1. Online Cryptography Course, Dan Boneh. Basic key exchange: Trusted 3rd parties

  2. Key management. Problem: n users. Storing mutual secret keys is difficult. Total: O(n) keys per user

  3. A better solution: Online Trusted 3rd Party (TTP)

  4. Generating keys: a toy protocol. Alice wants a shared key with Bob. Eavesdropping security only. (E,D) a CPA-secure cipher. [Diagram: Bob (kB), Alice (kA), TTP; message “Alice wants key with Bob”; TTP: choose random kAB; ticket; Alice and Bob each obtain kAB]

  5. Generating keys: a toy protocol. Alice wants a shared key with Bob. Eavesdropping security only. Eavesdropper sees: E(kA, “A, B” ‖ kAB) ; E(kB, “A, B” ‖ kAB). (E,D) is CPA-secure ⇒ eavesdropper learns nothing about kAB. Note: TTP needed for every key exchange, knows all session keys. (Basis of Kerberos system)

  6. Toy protocol: insecure against active attacks. Example: insecure against replay attacks. Attacker records session between Alice and merchant Bob • For example, a book order. Attacker replays session to Bob • Bob thinks Alice is ordering another copy of the book

  7. Key question Can we generate shared keys without an online trusted 3rd party? Answer: yes! Starting point of public-key cryptography: • Merkle (1974), Diffie-Hellman (1976), RSA (1977) • More recently: ID-based enc. (BF 2001), Functional enc. (BSW 2011)

  8. End of Segment
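
The toy protocol of slides 4 to 6, written out as an added Python example (not code from the course or the slides). The cipher (E,D) here is a stand-in built from HMAC-SHA256 in counter mode with a random nonce, and the class names, the 32-byte key length and the sample order are assumptions made for the illustration.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # Keystream: HMAC-SHA256 used as a PRF over nonce || counter (stand-in cipher).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def E(key, msg):
    nonce = os.urandom(16)  # fresh randomness per message, no integrity protection
    return nonce + bytes(a ^ b for a, b in zip(msg, _stream(key, nonce, len(msg))))

def D(key, ct):
    nonce, body = ct[:16], ct[16:]
    return bytes(a ^ b for a, b in zip(body, _stream(key, nonce, len(body))))

class TTP:
    def __init__(self):
        self.keys = {}  # one long-term key per user, as on slide 3
    def register(self, name):
        self.keys[name] = os.urandom(32)
        return self.keys[name]
    def request(self, a, b):
        # "a wants key with b": choose random kAB, encrypt "a,b" || kAB under kA and kB.
        k_ab = os.urandom(32)
        payload = f"{a},{b}".encode() + k_ab
        return E(self.keys[a], payload), E(self.keys[b], payload)  # (for a, ticket)

def session_key(long_term_key, blob):
    return D(long_term_key, blob)[-32:]  # kAB is the last 32 bytes of the payload

class Bob:
    def __init__(self, k_b):
        self.k_b, self.orders = k_b, []
    def receive(self, ticket, enc_order):
        k_ab = session_key(self.k_b, ticket)
        self.orders.append(D(k_ab, enc_order))  # nothing ties the ticket to "now"

def demo():
    ttp = TTP()
    k_a, k_b = ttp.register("Alice"), ttp.register("Bob")
    for_alice, ticket = ttp.request("Alice", "Bob")
    k_ab = session_key(k_a, for_alice)
    bob = Bob(k_b)
    recorded = (ticket, E(k_ab, b"order: 1 book"))  # constructed sample traffic
    bob.receive(*recorded)  # genuine session
    bob.receive(*recorded)  # same bytes delivered again: Bob cannot tell the difference
    return k_ab == session_key(k_b, ticket), bob.orders
```

Both parties derive the same kAB, and Bob records the order twice because the ticket and ciphertext carry no freshness value such as a nonce, counter or timestamp that he could check.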
