
Key Distribution

Key Distribution. Reference: Pfleeger, Charles P., Security in Computing, 2nd Edition, Prentice Hall, 1996. Symmetric Key Exchange Without Server. Assume that two users have a copy of a symmetric encryption key K. For a small number of messages, K may be used for encryption.

caden

Presentation Transcript


  1. Key Distribution
     Reference: Pfleeger, Charles P., Security in Computing, 2nd Edition, Prentice Hall, 1996.
     Ref: Pfleeger96, Ch.4

  2. Symmetric Key Exchange Without Server
     • Assume that two users have a copy of a symmetric encryption key K.
     • For a small number of messages, K may be used for encryption.
     • A new key may be generated (Knew) and K can be used to encrypt Knew, which can be sent to the receiver.

  3. A Problem with Symmetric Key Exchange Without Server
     • Each pair of users needs to share a key that is unique.
     • If there are n pairs, then n(n+1)/2 keys are needed.

  4. Symmetric Key Exchange with Server
     • Two users request a key from a central key distribution service.
     • The number of keys required is reduced, but the flexibility is also reduced.
     • The key distribution service could also become a bottleneck.

  5. Asymmetric Key Distribution Without Server
     • Asymmetric (public) encryption reduces the need for individual keys.
     • The vulnerability of the central distribution service is also reduced.
     • Although the messages could be directly encrypted using the public keys, the algorithms tend to be less efficient than symmetric ones.

  6. Asymmetric Key Distribution Without Server (p.2)
     • Public key authentication could be used to deliver a secret key for efficient symmetric encryption.
     • A generates a secret symmetric key, Ks, for communications with B.
     • A then encrypts Ks with A’s secret key.
     • A then uses B’s public key to send the encrypted key to A.
     • A then authenticates Ks by decrypting it with A’s public key.

  7. Asymmetric Key Distribution Without Server (p.3)
     • To verify the key, each side can also send a test message.
     • A random number could be generated, encrypted and sent.
     • The other side could decrypt the number, add one, and then encrypt it and send it back.
     • Finally, a distribution center could provide the public keys in the first place.

  8. Asymmetric Key Exchange with Server
     • A requests B’s public key from the key distribution center.
     • The distribution center uses its secret key (for authentication) to encrypt B’s public key and identifier and sends it to A.
     • A decrypts the key using the distribution center’s public key and the result is authenticated.

  9. Asymmetric Key Exchange with Server (p.2)
     • Now A can send his identity and a reference encrypted with B’s public key.
     • B communicates with the key distribution center to receive A’s public key.
     • B then encrypts A’s reference and her own reference for authentication.
     • A then sends a message and B’s reference.
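
The server-authenticated key delivery on slide 8, as an added example that is not from the presentation or from Pfleeger: the distribution center signs a hash of B's identifier and public key, and A checks the result with the center's public key. It assumes toy textbook RSA over well-known Mersenne primes with no padding (insecure, chosen only so the block runs on the standard library) and hash-then-sign in place of encrypting the whole record; all function names are hypothetical.

```python
# Added illustration: toy textbook RSA, standard library only.
# Assumptions: known Mersenne primes, no padding. Never use this for real keys.
import hashlib

E = 65537  # public exponent shared by every toy key below


def keypair(p, q):
    """Build ((n, e), (n, d)) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


def digest(identifier, pub):
    """Hash the record 'identifier + public key' to an integer."""
    record = f"{identifier}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(record).digest(), "big")


def kdc_issue(kdc_priv, identifier, pub):
    """Distribution center: apply its secret key to the record's hash."""
    n, d = kdc_priv
    return pow(digest(identifier, pub), d, n)


def verify(kdc_pub, identifier, pub, sig):
    """Requester A: undo the operation with the center's public key and compare."""
    n, e = kdc_pub
    return pow(sig, e, n) == digest(identifier, pub)


def demo():
    # Constructed sample keys; the center's modulus is larger than a SHA-256 value.
    kdc_pub, kdc_priv = keypair(2**521 - 1, 2**607 - 1)
    b_pub, _ = keypair(2**89 - 1, 2**127 - 1)
    other_pub, _ = keypair(2**61 - 1, 2**107 - 1)  # key swapped in transit
    sig = kdc_issue(kdc_priv, "B", b_pub)
    return {
        "genuine": verify(kdc_pub, "B", b_pub, sig),
        "substituted_key": verify(kdc_pub, "B", other_pub, sig),
        "wrong_identifier": verify(kdc_pub, "C", b_pub, sig),
        "tampered_signature": verify(kdc_pub, "B", b_pub, sig ^ 1),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

Only the genuine record is accepted; binding the identifier into the signed record is what makes the "wrong_identifier" case fail, so a valid key for one party cannot be replayed under another name.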
