1 / 35

Chapter 4-2 - Key Distribution Symmetric systems have key distribution issues. Consider: n different systems, each requi

Chapter 4-2 - Key Distribution Symmetric systems have key distribution issues. Consider: n different systems, each requiring a different secret key. For n users, there are n(n-1)/2 = (n 2 – n)/2 different keys. (for 3 systems = 3(3 - 1)/2 = 3(2)/2 = 3). That is, for:

sakina
Télécharger la présentation

Chapter 4-2 - Key Distribution Symmetric systems have key distribution issues. Consider: n different systems, each requi

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 4-2 - Key Distribution Symmetric systems have key distribution issues. Consider: n different systems, each requiring a different secret key. For n users, there are n(n-1)/2 = (n2 – n)/2 different keys. (for 3 systems = 3(3 - 1)/2 = 3(2)/2 = 3). That is, for: Systems A, B, & C need an A/B, A/C, & B/C key pair. This is known as the n2 key management problem since the number of keys managed is of order: n2 = O(n2). Key Distribution

  2. Chapter 4-2 - Key Distribution Distribution methods include: Manual key distribution (face-to-face, courier) Automated distribution (secure key exchange protocols) Mixed (key hierarchies, some levels manual, others automated) Key Distribution

  3. Manual Key Distribution Face–to-Face: Participants meet and exchange keys. Originally used in Pretty Good Privacy (PGP), an e-mail encryption system. An enhanced version used an initial manual exchange. Then additional exchanges could use the two original participants to exchange keys for additional parties. Created a web of trust for key exchange. Key Distribution

  4. PGP Key Exchange PGP method is not location independent, requires some kind of interaction, and doesn’t scale well. You basically have to know someone who knows someone …..etc. Couriers are still used in many cases and manual key installs are common in banking (e.g., ATM key updates). Key Distribution

  5. Mixed Methods – Key Hierarchies Manual methods are costly and don’t scale well, but can be used in a mixed mode of distribution using a key hierarchy: American National Standards Institute (ANSI) X9.17 specifies a multi-level hierarchy of keys. Three levels include: Long-life keys – manually distributed Medium life keys – electronically distributed Short life keys – electronically distributed Key Distribution

  6. Three level Key Hierarchy KKM keys are exchanged manually, change yearly. Distribution Method, Life System B System A KKM Keys KKM Keys Manual, long life Electronic, medium life KK Keys KK Keys Electronic, short life DK Keys DK Keys KKM keys encrypt KK keys, change monthly. KK Keys encrypt DK (data) keys, change every session or for every message). Valid lifetime is based on specific industry requirements and the strength of the keys. Key Distribution

  7. Key Exchange Protocols - Diffie/Hellman A novel method for electronic distribution, actually became the first asymmetrical (public) key system. Algorithm proposed: Dk1(Ek2(Ks) = Ks A symmetric key (Ks) is exchanged as above. Ks is encrypted (E) with a key k2 and decrypted (D) with key k1, where: k1 and k2 are different keys and where only one key had to be kept secret. Key Distribution

  8. Key Exchange Protocols - Diffie/Hellman If this worked, then one of the keys could be sent over a network without compromising the security of the encryption algorithm. This is true if it is mathematically “hard” to deduce k1 (the private key) with knowledge of k2 (the public key). As it turned out “hard” is defined as being able to solve discrete log functions. Key Distribution

  9. Diffie/Hellman Key Exchange - Basics 1 Assume some prime number p has a primitive root, say a, and defines a set of numbers that are powers of a mod p. These numbers will generate all the integers from 1 to p-1. That is: a mod p, a2 mod p, a3 mod p, …..ap-1 mod p 0 is not generated since a prime number has no factors other than 1 and itself. 0 is not a prime number! Key Distribution

  10. Diffie/Hellman Key Exchange - Basics 1 The generated list will not be monotonic in the order numbers are generated. It will generate numbers in some permuted order, but will generate the complete set of numbers from 1 to p-1. Consider the prime number p =17 and a = 3 and solve: 3 mod 17, 32 mod 17, 33 mod 17, …..3p-1 mod 17 Key Distribution

  11. Diffie/Hellman Key Exchange - Basics 2 a mod p = 3 mod17 = 3; since 3/17 = 0, 3 (clock arithmetic) a2 mod p = 9 mod 17 = 9 9/17 = 0, 9 a3 mod p = 27 mod 17 = 10 a4 mod p = 81 mod 17 = 13 a5 mod p = 243 mod 17 = 5 a6 mod p = 729 mod 17 = 15 729/17 = 48, 15 a7 mod p = 2187 mod 17 = 11 a8 mod p = 6561 mod 17 = 16 a9 mod p = 19683 mod 17 = 14 a10 mod p = 59049 mod 17 = 8 a11 mod p = 177147 mod 17 = 7 a12 mod p = 531441 mod 17 = 4 a13 mod p = 1594323 mod 17 = 12 a14 mod p = 4782969 mod 17 = 2 a15 mod p = 14348907 mod 17 = 6 a16 mod p = 43046721 mod 17 = 1 Notice the set is complete up to p - 1 Key Distribution

  12. Diffie/Hellman Key Exchange - Basics 3 Result: For any integer b < p and primitive root a for a prime p, an exponent k can be determined such that: b = ak mod p with 0 < k < (p-1) (i.e., k is a member of the set) For k = 8; 16 = a8 mod 17 (p = 17, and k < p) The exponent k is called the index of b. It is also called the discrete logarithm of b for a mod p. Key Distribution

  13. Diffie/Hellman Key Exchange - Basics 3 Diffie/Hellman key exchange uses two publicly known Numbers: a prime number p, and an integer primitive root of p, say a (same a) and a secret private integer I. Assume Alice & Bob want to exchange keys. They publicly agree on p and a. Key Distribution

  14. Diffie/Hellman Key Exchange Algorithm Assume they agree on p = 29, a = 7 Alice selects a random integer, Ia < p and computes: Ja = aIa mod p. Bob selects a random integer, Ib < p and computes Jb = aIb mod p. Assume Alice chooses Ia = 8; Ja = 78 mod 29 = 5,764,801 mod 29 = 5,764,801/29 = Q of 198,786; R of 7; So Ja = 7 Key Distribution

  15. Diffie/Hellman Key Exchange Algorithm Assume Bob chooses Ib = 6; then Jb = 76 mod 29 = 117,649 mod 29 = 117,649/29 = Q of 4056; R of 25; So Jb = 25 Alice & Bob keep Ia and Ib secret, but publicly exchange Ja & Jb. They can then independently compute the secret key: Alice will compute the secret key K = (Jb)Ia mod p and Bob will compute the secret key = (Ja)Ib mod p. Key Distribution

  16. Diffie/Hellman Key Exchange Algorithm Alice’s computation: K = (Jb)Ia mod p; Ia = 8, Jb = 25 258 mod 29 = Oops 258 too big for my calculator 258 mod 29 = 254 mod 29 x 254 mod 29 = 390,625 mod 29 x 390,625/29 = Q of 13,469; R of 24 x Q of 13,469; R of 24 Drop Q’s. 24 x 24 mod 29 = 576 mod 29 = 576/29 and 576/29 = Q of 19; R of 25 Bob’s computation: K = (Ja)Ib mod p; Ib = 6, Ja = 7 76 mod 29 = 117,649 mod 29 = 117,649/29 = Q of 4056, R of 25 So…. Alice computes the key = 25 and so does Bob! Key Distribution

  17. Diffie/Hellman Key Exchange Algorithm Alice & Bob produced the same key. Why? Proof: K = (Jb)Ia mod p; (Jb= aIb mod p) = (aIb mod p)Ia mod p (substitute for Jb) = (aIb)Ia mod p = aIbIa mod p or = aIaIb mod p Reversing the substitutions (starting at the bottom): = aIaIb mod p = (aIa)Ib mod p = (aIa mod p)Ib mod p = (Ja)Ia mod p So, (Ja)Ib mod p = (Jb)Ia mod p; QED Key Distribution

  18. Diffie/Hellman Key Exchange Algorithm How strong is the key? Requires solving for K from: Ja = aIa mod p for a Where p, a, and Ja are known (we exchanged them) and a specific Ia , not known. For example: For p = 97, a = 5, Ia = 36; Ib = 58 Ja = 536 mod 97 = R of 50; also written as 50 mod 97 Jb = 558 mod 97 = 44 mod 97 Key Distribution

  19. Diffie/Hellman Key Exchange Algorithm The secret key is (Jb)Ia mod 97 = 4436 = 75 mod 97; i.e., K = 75 So… how hard is it to find 75 given p = 97, a = 5, Jb = 44 & Ja = 50? We must solve 44Ia = k mod 97 & 50Ib mod 97 for k Since Ia and Ib are less than 97, we must compute 44x mod 97 and 50y mod 97 until we get the same k for each. Key Distribution

  20. Diffie/Hellman Key Exchange Algorithm 4496 & 5096 are the upper bounds so we need 2 x this # of calculations. In reality, we know the key must be between 1 and 96, so we could do a key space search, return all keys and test. To make this hard we only need to make the key space large. Key Distribution

  21. Diffie/Hellman Key Exchange Algorithm Communications Channel Bob Alice p,a? Alice proposes a prime, p, and a primitive root, a Bob accepts p and a OK Let p = 5, a = 3 Set p = 5, a = 3 Select Ia such that 0 < Ia< p Select Ib such that 0 < Ib< p Let Ia = 2 Let Ib = 4 Compute Ja Compute Jb Ja = 32 mod 5 = 4 Jb = 34 mod 5 = 1 Ja = 4 Send Ja to Bob Send Jb to Alice Jb = 1 Compute K Compute K K = 12 mod 5 = 1 K = 44 mod 5 = 1 Key Distribution

  22. Diffie/Hellman Key Exchange - Strength For the example numbers, the key appears easy to break. However, recall we must find I in Ja = aIa mod p I is not disclosed in the exchange between Alice & Bob, a & p are. In practice p and a are from 512 to 1024 bits long (64 - 128 char.). Must factor p or a to find trial keys. Where p = 1024 bits means p < 21024 and a < 21024 - 1 This is an exponentially hard factoring problem! Key Distribution

  23. Diffie/Hellman Key Exchange - Weakness The key exchange is computationally intense. More limitations: It does not provide authentication. Subject to man-in-the-middle attacks. If Alice sends Bob Ja, an adversary intercepts Bob’s Jb and substitutes JI, the intruders value and sends to Alice. To keep Bob from responding the intruder will launch a denial of service attack at Bob to crash his system. Alice would compute a key that the intruder can also compute, communicate with the intruder and maybe disclose sensitive information to the adversary. Key Distribution

  24. Quantum Key Exchange An advanced method using the properties of photons for secure key exchanges. Widely hailed as inherently secure by virtue of the laws of physics. Original work by Charles Bennett at IBM TJ Watson Research Center in 1989. There are a few commercial products available today, but they are not yet ready for prime time. Key Distribution

  25. Quantum Key Concept Light photons exhibit a polarity property. By generating a stream of photons with polarities that represent a binary key stream, the key value can be communicated between two users, say Alice and Bob. The interesting part is that any one who attempts to intercept and read the photons will change their state and can be detected. Alice and Bob can securely exchange keys without fear of compromise! Key Distribution

  26. Quantum Basics Photons exhibit the property of polarity, which is determined by the direction of vibration or polarization of the photon. Two types of polarization shown below: Vertical/Horizontal polarities are called rectilinear and angled polarities are called diagonal. White light generates random polarities, but selective polarities can be produced by a collimating filter. Key Distribution

  27. Quantum Filter An ordinary bulb produces random polarities, the filter passes only those aligned with the filter. An LED can also be used to emit pulses followed by a lens and pinhole to collimate the beam, and two Pockels cells (a voltage driven crystal that orients the pulses either vertically or diagonally). Polarized Filter Key Distribution

  28. Quantum Filtering Bit associations can be made using the four polarities Message: 1 1 0 1 1 0 1 0 0 1 Polarity Scheme: + x + x x x + + x x Such that: + horizontal = 1; + vertical = 0 x diagonal down = 1; x diagonal up = 0 Transmitted Data: Two choices are made: A polarization (basis) and a bit value (1 or 0) Key Distribution

  29. Quantum Bit Transmission Before transmission begins, the sender (Alice) makes two choices per bit: The state of the bit (1 or 0) to be sent. The polarization for the bit (rectilinear or diagonal). The choice of polarization is called the basis. Key Distribution

  30. Alice’s Transmission System Alice Random Number Generator produces string 0110010111010001 – records random bit string Polarizer controls Bit-by-bit filter selection Polarization Filter Blue = rectilinear Red = diagonal 0110010111010001 – Polarized photon bit string Key Distribution

  31. Bob’s Receiving System Bob Bob randomly selects the polarization detector (Red or Blue) to use to read Alice’s data stream and records his results. This means he will read some correctly and others he will read incorrectly. Bob confirms he read the photons and then Alice sends a message to Bob and tells him her basis (which filters she used For each bit). She does not tell Bob what the value of the bit was (1 or 0). Bob tells Alice which bits he measured correctly. They discard the incorrect bits and have agreed on a key. 0110010111010001 – Alice’s data stream Key Distribution

  32. Eve’s Quandry Assume evil Eve is eavesdropping on the line and intercepts the stream of photons. She is in the same position as Bob. She does not know which detector to use and selects detectors at random. Like Bob, Eve will read some correctly and some wrong. Even if Eve listens to Alice tell Bob which detectors she used, it is unlikely Eve used the same ones as Bob. Key Distribution

  33. A Final Benefit Assume evil Eve is eavesdropping on the line and intercepts the stream of photons. When she measures the photons she is likely to change their state so Bob will not receive the same polarization that Alice sent. Consequently, the last thing Alice and Bob do are test Some of the bits by exchanging a message. If Bob’s results do not agree with what Alice sent they know Eve has been on the line. Key Distribution

  34. Length of the String Correct string lengths are on the order of a 1000 bits. So, they test about 75 for correctness by exchanging them in the clear. If Eve had been on the line, the probability that she didn’t change one of these bits by measuring it is about 1 in a Billion. Key Distribution

  35. State-of-the-Art This technology is still relatively immature. Only used for key exchange, not encryption. Distances in free space are limited to about 20 km and Over fiber to about 100km. Focus is on developing good single photon emitters, improving detector efficiency, and developing methods to add this capability to contemporary networks. Generally highly interesting, but not prime time stuff. Key Distribution

More Related