cns 13f lec09 keymanagement

8/13/2019 Cns 13f Lec09 Keymanagement

1/30

Network SecurityKey Management


2/30

2

Key Management

Public-key encryption helps address keydistribution problems

Have two aspects of this: Distribution of public keys Use of public-key encryption to distribute

secret keys


3/30

3

Distribution of Public Keys

Can be considered as using one offollowing mechanisms: Public announcement:

Publicly available directory

Public-key authority

Public-key certificates


4/30

4

Public Announcement

Users distribute public keys to recipients orbroadcast to community at large e.g.post to news groups or email list


5/30

5

Public AnnouncementWeakness

Major weakness is forgery Anyone can create a key claiming to be

someone else and broadcast it Until forgery is discovered, can masquerade

as claimed user


6/30

6

Publicly Available Directory

Can obtain greater security by registeringkeys with a public directory

Directory must be trusted with properties:

Contains {name, public-key} entries Participants register securely with directory Participants can replace key at any time Directory is periodically published

Directory can be accessed electronically


7/30

7

Publicly Available Directory

More secure than individual publicannouncements

Still vulnerable to tampering or forgery


8/30

8

Public-Key Authority

Improve security by tightening control overdistribution of keys from directory

Has properties of directory

And requires users to know public key for thedirectory Then users interact with directory to obtain

any desired public key securely

Does require real-time access to directory whenkeys are needed


9/30

9

Public-Key Authority


10/30

10

Public-Key AuthorityMessage Exchange

A sends a timestamped message to the publickey authority containing request for Bs publickey

Authority responds with a message encryptedwith its private key. As assured message is generated from authority

Message includes: Bs public key, original requestand original timestamp


11/30

11

Message Exchange

A stores Bs public key and also uses it forencryption of IDAand a nonce This identifies the session uniquely

B gets the public key from authority B sends a message to A encrypted with As

public key Message contains As nonce & new nonce from B As nonce in message tells that the communicator is

B A returns Bs nonce, encrypted using Bs publickey


12/30

12

Public-Key Certificates

Certificates allow key exchange without real-time access to public-key authority

A certificate binds identityto public key

Usually with other information such as period ofvalidity, rights of use, etc.

With all contents signedby a trusted Public-Key or Certificate Authority (CA)

Can be verified by anyone who knows thepublic-key authorities public-key


13/30

13



14/30

14


Nodes acquire the certificates from the CA

Each certificate contains a public key andother information, encrypted with CAs

private key Recipient uses CAs public key to decrypt the

certificate

Participant conveys its key information usingthis certificate


15/30

15

Public-Key CertificatesRequirements

Any participant can read a certificate

Any participant can verify that the

certificate originated from CA Only CA can create and update certificates

Any participant can verify the certificate


16/30

16

Public-Key Distribution of SecretKeys

Use previous methods to obtain public-key

Can use for secrecy or authentication

But public-key algorithms are slow

So usually want to use private-key encryptionto protect message contents Hence need a session key

Have several alternatives for negotiating asuitable session


17/30

17

Simple Secret KeyDistribution

Proposed by Merkle in 1979 A generates a new temporary public key

pair

A sends B the public key and their identity B generates a session key K sends it to A

encrypted using the supplied public key

A decrypts the session key and both use


18/30

18

Secret Key Distribution

Problem is that an opponent can intercept andimpersonate both halves of protocol

(1) KUa|| ID

A

(2) EKU

a

[KS]


19/30

19

Secret Key DistributionProblem Scenario

A generates public/private key and transmitsto B

E can intercept a message, create its ownpublic/private key pair and transmits it to B

B generates a secret key and transmits it

encrypted with Es public key


20/30

20

Problem Scenario

E intercepts message and learns the secretkey

E transmits to A the secret key encryptedwith As public key

Now E can intercept all the communication


21/30

21

Distribution of Secret Keys withConfidentiality and Authentication Must have securely exchanged public-keys:


22/30

22

Distribution of Secret Keys

1. A uses Bs public key to encrypt IDAand anonce Used to identify the transaction

2. B sends a message to A encrypted with Apublic key, containing As nonce and Bs nonce3. A returns nonce of B4. A selects a secret key and sends message

M; first encrypting secret key with Aprivate key and then encrypting with Bspublic key


23/30

23

Diffie-Hellman Key Exchange

First public-key type scheme proposed

By Diffie & Hellman in 1976 along with theexposition of public key concepts

Note:James Ellis (UK CESG) secretly proposedthe concept in 1970

Is a practical method for public exchange of asecret key

Used in a number of commercial products


24/30

24


A public-key distribution scheme Cannot be used to exchange an arbitrary message Rather it can establish a common key Known only to the two participants

Value of key depends on the participants (and theirprivate and public key information)


25/30

25

Diffie-Hellman Setup

Both the communicating parties agree on pand g Alice picks SAat random, Bob picks SB Alice computes TA=g

SA mod p, Bob computes TB=gSB

mod p

They exchange Ts Each raises the number they receive to their secret

number Alice computes TB

SA mod p, Bob computes TA

SBmod p

They come up with same number; because TBSA=(gSB) SA =gSA SB=(gSA) SB= TASBmod p= KAB


26/30

26

Diffie-Hellman Example

Users Alice & Bob who wish to swap keys:

Agree on prime p=353and g =3

Select random secret keys:

A chooses SA=97, B chooses SB=233 Compute public keys:

TA=397

mod 353 = 40 (Alice)

TB=3233

mod 353 = 248 (Bob)

Compute shared session key as:KAB= TB

SAmod 353 = 24897

= 160 (Alice)

KAB= TASBmod 353 = 40

233= 160 (Bob)


27/30

27


KABis used as session key in private-keyencryption scheme between Alice and Bob

If Alice and Bob subsequently communicate,they will have the samekey as before, unlessthey choose new public-keys

Attacker needs an S, must solve discrete log


28/30

28

The Diffie-Hellman Key ExchangeAlgorithm


29/30

29



30/30

30

Summary

Have considered: Distribution of public keys

Public-key distribution of secret keys

Diffie-Hellman key exchange

cns 13f lec09 keymanagement

Documents