Key Management and Distribution

Similar documents
Cryptography and Network Security Chapter 14

Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution

Key Management and Distribution

Lecture Note 6 KEY MANAGEMENT. Sourav Mukhopadhyay

X.509. CPSC 457/557 10/17/13 Jeffrey Zhu

T Cryptography and Data Security

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

T Cryptography and Data Security

CT30A8800 Secured communications

Transport Level Security

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Key management. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Network Security Essentials

ECE 646 Lecture 3. Key management

Public Key Cryptography

ECE 646 Lecture 3. Key management. Required Reading. Using the same key for multiple messages

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Acknowledgments. CSE565: Computer Security Lectures 16 & 17 Authentication & Applications

User Authentication. Modified By: Dr. Ramzi Saifan

Overview of Authentication Systems

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

Cryptography and Network Security

Chapter 9: Key Management

Cryptographic Protocols 1

Configuring SSL. SSL Overview CHAPTER

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Configuring SSL CHAPTER

Overview. SSL Cryptography Overview CHAPTER 1

ECE 646 Lecture 3. Key management. Required Reading. Using Session Keys & Key Encryption Keys. Using the same key for multiple messages

Configuring SSL. SSL Overview CHAPTER

Key management. Pretty Good Privacy

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh

Kerberos and Public-Key Infrastructure. Key Points. Trust model. Goal of Kerberos

1. Diffie-Hellman Key Exchange

Key Management and Distribution

CS Computer Networks 1: Authentication

UNIT - IV Cryptographic Hash Function 31.1

Certificates, Certification Authorities and Public-Key Infrastructures

Cryptography and Network Security

Introduction to SSL. Copyright 2005 by Sericon Technology Inc.

KEY DISTRIBUTION AND USER AUTHENTICATION

Key Agreement Schemes

Diffie-Hellman. Part 1 Cryptography 136

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

CS530 Authentication

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

Chapter 4 Authentication Applications

User Authentication. Modified By: Dr. Ramzi Saifan

Lecture 2 Applied Cryptography (Part 2)

Cryptography and Network Security

Public Key Infrastructure

Crypto meets Web Security: Certificates and SSL/TLS

Cryptology Part 1. Terminology. Basic Approaches to Cryptography. Basic Approaches to Cryptography: (1) Transposition (continued)

Spring 2010: CS419 Computer Security

E-commerce security: SSL/TLS, SET and others. 4.1

Key Management and Elliptic Curves

Verteilte Systeme (Distributed Systems)

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

CPSC 467b: Cryptography and Computer Security

Ten Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Cryptographic Checksums

WAP Security. Helsinki University of Technology S Security of Communication Protocols

Server-based Certificate Validation Protocol

egov & PKI By: Alaa Eldin Mahmoud Aly YOUR LOGO

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

PROVING WHO YOU ARE TLS & THE PKI

Authentication in Distributed Systems

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Introduction to Security

Security: Focus of Control

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

Outline Key Management CS 239 Computer Security February 9, 2004

CS November 2018

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Fall 2010/Lecture 32 1

Datasäkerhetsmetoder föreläsning 7

CONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements

ICS 180 May 4th, Guest Lecturer: Einar Mykletun

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

L7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

Chapter 10 : Private-Key Management and the Public-Key Revolution

Authentication & Authorization

Authentication. Overview of Authentication systems. IT352 Network Security Najwa AlGhamdi

Total points: 71. Total time: 75 minutes. 9 problems over 7 pages. No book, notes, or calculator

SSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1

Chapter 4: Securing TCP connections

Information Security CS 526

INF3510 Information Security University of Oslo Spring Lecture 3 Key Management and PKI. Audun Jøsang

Security PGP / Pretty Good Privacy. SANOGXXX July, 2017 Gurgaon, Haryana, India

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Version 3 X.509 Certificates

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

5. Authentication Contents

A Modified Approach for Kerberos Authentication Protocol with Secret Image by using Visual Cryptography

But where'd that extra "s" come from, and what does it mean?

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Transcription:

2 and Distribution : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l10, Steve/Courses/2015/s2/css441/lectures/key-management-and-distribution.tex, r4295 1 Contents and Management using using Distribution of Certificates

4 Challenges How to share a secret key? How to obtain someone else s public key? When to change keys? Assumptions and Principles Many users wish to communicate securely across network Attacker can intercept any location in network Manual interactions between users are undesirable (e.g. physical exchange of keys) More times a key is used, greater chance for attacker to discover the key 3 Where Should Be Performed? A B SW1 SW3 R2 SW5 F G C R1 SW4 R3 H D E SW2 R4 SW6 I J Number of keys to be exchanged depends on number of entities wishing to communicate Related issue: where to perform encryption Encrypt separately across each link Encrypt only at end-points

6 Link vs End-to-End Link Encrypt data over individual links in network Each link end-point shares a secret key Decrypt/Encrypt at each device in path Requires all links/devices to support encryption End-to-End Encrypt data at network end-points (e.g. hosts or applications) Each pair of hosts/applications share a secret key Does not rely on intermediate network devices 5 How Many Keys Need To Be Exchanged? A B SW1 SW3 R2 SW5 F G C R1 SW4 R3 H D E SW2 R4 SW6 I J Link-level encryption? End-to-end encryption between hosts? End-to-end encryption between applications?

8 Exchanging Secret Keys Option 1: Manual Exchange of All Keys All users exchange secret keys with all other users manually (e.g. face-to-face) Inconvenient Option 2: Manual Exchange of Master Keys All users exchange master key with trusted, central entity (e.g. Centre) Session keys automatically exchanged between users via KDC Security and performance bottleneck at KDC 7 Exchanging Secret Keys Option 3: Public Key Cryptography to Exchange Secrets Use public-key cryptography to securely and automatically exchange secret keys Example 1: user A encrypts secret with user B s public key; sends to B Example 2: Diffie-Hellman secret key exchange Related issue: How to obtain someone else s public key?

10 Contents and Management using using Distribution of Certificates 9 using Objective: two entities share same secret key Principle: change keys frequently How to exchange a secret key? 1. Decentralised : manual distribution of master keys between all entities, automatic distribution of session keys 2. Centre (KDC): manual distribution of master keys with KDC, automatic distribution of session keys

12 Key Hierarchy and Lifetimes Master keys used to securely exchange session keys Session keys used to securely exchange data Change session keys automatically and regularly Change master keys manually and seldom Session key lifetime: Shorter lifetime is more secure; but increases overhead of exchanges Connection-oriented protocols (e.g. TCP): new session key for each connection Connection-less protocols (e.g. UDP/IP): change after fixed period or certain number of packets sent 11 Notation End-systems: A and B, identified by ID A and ID B Master key (between A and B): K m Master keys specific to user: K a, K b Session key (between A and B): K s Nonce values: N 1, N 2 Number used only once E.g. time-stamp, counter, random value, function f () Must be different for each request Must be difficult for attacker to guess

14 Decentralised Each end-system must manually exchange n 1 master keys (K m ) with others Does not rely on trusted-third party Credit: Figure 14.5 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 13 Using a Centre Centre (KDC) is trusted third party Users manually exchange master keys with KDC Users automatically obtain session key (via KDC) to communicate with other users

16 with KDC Credit: Figure 14.3 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 15 Hierarchical Key Control Use multiple KDCs in a hierarchy E.g. KDC for each LAN (or building); central KDC to exchange keys between hosts in different LANs Reduces effort in key distribution; limits damage if local KDC is compromised

18 Contents and Management using using Distribution of Certificates 17 using encryption generally too slow for encrypting large amount of data Common application of asymmetric encryption is exchanging secret keys Three examples: 1. Simple Secret 2. Secret with Confidentiality and Authentication 3. Hybrid Scheme: Public- of KDC Master Keys

20 Simple Secret Simple: no keys prior to or after communication Provides confidentiality for session key Subject to man-in-the-middle attack Only useful if attacker cannot modify/insert messages Credit: Figure 14.7 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 19 Man-in-the-Middle Attack

22 Secret with Confidentiality and Authentication Provides both confidentiality and authentication in exchange of secret key Credit: Figure 14.8 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 21 Hybrid Scheme: Public- of KDC Master Keys Use public-key distribution of secret keys when exchanging master keys between end-systems and KDC Efficient method of delivering master keys (rather than manual delivery) Useful for large networks, widely distributed set of users with single KDC

24 Contents and Management using using Distribution of Certificates 23 Distribution of By design, public keys are made public Issue: how to ensure public key of A actually belongs to A (and not someone pretending to be A) Four approaches for distributing public keys 1. Public announcement 2. Publicly available directory 3. Public-key authority 4. Public-key certificates

Public Announcements Make public key available in open forum: newspaper, email signature, website, conference,... Problem: anyone can announce a key pretending to be another user Credit: Figure 14.9 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 25 Publicly Available Directory All users publish keys in central directory Users must provide identification when publishing key Users can access directory electronically Weakness: directory must be secure Credit: Figure 14.10 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 26

28 Public-Key Authority Specific instance of using publicly available directory Assume each user has already security published public-key at authority; each user knows authorities public key Credit: Figure 14.11 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 27 Public-Key Authority First 5 messages are for key exchange; last 2 are authentication of users Although 7 messages, public keys obtained from authority can be cached Problem: authority can be bottleneck Alternative: public-key certificates

30 Public-Key Certificates Assume public keys sent to CA can be authenticated by CA; each user has certificate of CA Credit: Figure 14.12 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 29 Public Key Certificates A certificate is the ID and public-key of a user signed by CA C A = E(PR auth, [T ID A PU a ]) Time-stamp T validates currency of certificate (expiration date) Common format for certificates is standard (by ITU) S/MIME (secure email) IP security (network layer security) SSL/TLS (transport layer security) SET (e-commerce)

32 Contents and Management using using Distribution of Certificates 31 Certificates Each user has a certificate, although it is created by the Certificate Authority (CA) Certificates are stored in a public directory Certificate format includes: Version of certificate Serial number unique to the issuer (CA) Signature algorithm Issuer s name and unique identifier Period of validity Subject s name and unique identifier Subject s public key information: algorithm, parameters, key Signature Certificates may be revoked before expiry CA signs a Certificate Revocation List (CRL), which is stored in public directory

Multiple Certificate Authorities Multiple CA s can be arranged in hierarchy Notation: Y << X >> certificate of X issued by CA Y Credit: Figure 14.15 in Stallings, Cryptography and Network Security, 5th Ed., Pearson 2011 33

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback