minimizing the number of keys for secure communication in a network by niels duif
TRANSCRIPT
Minimizing the number of keys for secure communication in a networkBy Niels Duif
Remarks
• Ask questions• Proof by example
/ Department of Mathematics and Computer Science PAGE 219-04-23
Contents
• Introduction• Splitting a message• Constructions• Combining constructions• Conclusions
/ Department of Mathematics and Computer Science PAGE 319-04-23
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 419-04-23
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 519-04-23
Alice
Bob
Eve Chris
common key: kAB
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 619-04-23
Alice
Bob
Eve Chris
common key: kAB
Hi!
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 719-04-23
Alice
Bob
Eve Chris
common key: kAB
z$#
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 819-04-23
Alice
Bob
Eve Chris
common key: kAB
z$#
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 919-04-23
Alice
Bob
Eve Chris
common key: kAB
z$#
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 1019-04-23
Alice
Bob
Eve Chris
common key: kAB
Hi!
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 1119-04-23
Alice
Bob
Eve Chris
common key: kAB
Hi!
?
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 1219-04-23
Alice
Bob
Eve Chris
common key: kAB common key: kBC
common key: kCE
Communication graph
/ Department of Mathematics and Computer Science PAGE 1319-04-23
Alice Bob Chris Eve
Communication graph
• Persons are represented by nodes• Nodes that have one or more keys in common are
connected by a line
/ Department of Mathematics and Computer Science PAGE 1419-04-23
Alice Bob Chris Eve
Communication graph
• Persons are represented by nodes• Nodes that have one or more keys in common are
connected by a line• The lines are labelled with the common keys
/ Department of Mathematics and Computer Science PAGE 1519-04-23
Alice Bob Chris Eve
kAB kBC kCE
Communication graph
• Persons are represented by nodes• Nodes that have one or more keys in common are
connected by a line• The lines are labelled with the common keys
/ Department of Mathematics and Computer Science PAGE 1619-04-23
A B C E
1 2 3
Communication graph
• Nodes may have more than one key in common
/ Department of Mathematics and Computer Science PAGE 1719-04-23
A B
C D
1
3
25
4
Communication graph
• Nodes may have more than one key in common
/ Department of Mathematics and Computer Science PAGE 1819-04-23
A (1,2,5) B (1,4,5)
C (2,3) D (3,4)
1
3
25
4
How to assign keys?
/ Department of Mathematics and Computer Science PAGE 1919-04-23
C
B
A
E
D
How to assign keys?
• Give every pair of nodes a different key
/ Department of Mathematics and Computer Science PAGE 2019-04-23
C
B
A
E
D
How to assign keys?
• Give every pair of nodes a different key
/ Department of Mathematics and Computer Science PAGE 2119-04-23
C
B
A
E
D
How to assign keys?
• Give every pair of nodes a different key
• This requires keys for n nodes
/ Department of Mathematics and Computer Science PAGE 2219-04-23
C
B
A
E
D
2
)1(
2
nnn
Using fewer keys
• Is secure communication possible with fewer keys?− Yes, assuming that some nodes may be trusted
• Assumption: at most t nodes cannot be trusted• Aim: minimize the total number of keys, c
/ Department of Mathematics and Computer Science PAGE 2319-04-23
Splitting a message
/ Department of Mathematics and Computer Science PAGE 2419-04-23
Splitting a message
• Split a message and send it through different paths• Example: communication from A to D
/ Department of Mathematics and Computer Science PAGE 2519-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
Splitting a message
• Split a message and send it through different paths• Example: communication from A to D
/ Department of Mathematics and Computer Science PAGE 2619-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
part 1
Splitting a message
• Split a message and send it through different paths• Example: communication from A to D
/ Department of Mathematics and Computer Science PAGE 2719-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
part 1
part 2
Splitting a message
• Determine random shares: M1, M2, ... , Ms-1
• Use bitwise addition mod 2: “ ”, or “XOR”
• Ms = M1 M2 ... Ms-1 M
• M1 M2 ... Ms-1 Ms = M
/ Department of Mathematics and Computer Science PAGE 2819-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
/ Department of Mathematics and Computer Science PAGE 2919-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
/ Department of Mathematics and Computer Science PAGE 3019-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M0 = 01001000 01101001 00100001
/ Department of Mathematics and Computer Science PAGE 3119-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M0 = 01001000 01101001 00100001
/ Department of Mathematics and Computer Science PAGE 3219-04-23
Sending a message
/ Department of Mathematics and Computer Science PAGE 3319-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
M1
Sending a message
/ Department of Mathematics and Computer Science PAGE 3419-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
M1
M2
Retrieving a message
• The message is retrieved as the XOR of all shares:
• M = M1 M2 ... Ms
• All shares are needed to retreive the message
/ Department of Mathematics and Computer Science PAGE 3519-04-23
Constructions for t=1
• One corrupt node• The total number of keys is c• How large can n be?
/ Department of Mathematics and Computer Science PAGE 3619-04-23
Sperner’s theorem
• n is at most
• This uses all possible key sets of size
/ Department of Mathematics and Computer Science PAGE 3719-04-23
2c
c
2
c
Example
/ Department of Mathematics and Computer Science PAGE 3819-04-23
62
4
n
4c
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Example
• Communication from A to F
/ Department of Mathematics and Computer Science PAGE 3919-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Example
• Communication from A to F
/ Department of Mathematics and Computer Science PAGE 4019-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F
/ Department of Mathematics and Computer Science PAGE 4119-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4219-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4319-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4419-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4519-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4619-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all combinations of their keys
/ Department of Mathematics and Computer Science PAGE 4719-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 4819-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 4919-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5019-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5119-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5219-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5319-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Conclusion: Key 1 and 2or Key 3 and 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5419-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Conclusion: Key 1 and 2or Key 3 and 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5519-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Conclusion: Key 1 and 2or Key 3 and 4
Possible constructions
Number of nodes n 6 10 20 35 70 126 252
Number of keys c 4 5 6 7 8 9 10
/ Department of Mathematics and Computer Science PAGE 5619-04-23
Possible constructions
Number of nodes n 6 10 20 35 70 126 252
Number of keys c 4 5 6 7 8 9 10
/ Department of Mathematics and Computer Science PAGE 5719-04-23
25.1)(log2 nc
Possible constructions
Number of nodes n 6 10 20 35 70 126 252
Number of keys c 4 5 6 7 8 9 10
/ Department of Mathematics and Computer Science PAGE 5819-04-23
25.1)(log2 nc
For other values of n (Desmedt, Duif, Van Tilborg, Wang):
25.2)(log2 nc
Constructions for t>1
• Similar splitting of messages• Different constructions• Dual of a 2-design is used
/ Department of Mathematics and Computer Science PAGE 5919-04-23
What is a 2-design?
/ Department of Mathematics and Computer Science PAGE 6019-04-23
Example
/ Department of Mathematics and Computer Science PAGE 6119-04-23
The Fano Plane
Example
/ Department of Mathematics and Computer Science PAGE 6219-04-23
The dual is found by interchanging the points and lines
The Fano Plane
Example
/ Department of Mathematics and Computer Science PAGE 6319-04-23
The dual is found by interchanging the points and lines
The dual of the Fano Plane
Example
/ Department of Mathematics and Computer Science PAGE 6419-04-23
The dual is found by interchanging the points and lines
The dual of the Fano Plane
Another example
/ Department of Mathematics and Computer Science PAGE 6519-04-23
The Affine Plane over F3
Another example
/ Department of Mathematics and Computer Science PAGE 6619-04-23
The dual of the Affine Plane over F3
Important property
/ Department of Mathematics and Computer Science PAGE 6719-04-23
The dual of the Affine Plane over F3
Every two lines meet in a unique point
Possible constructions
Number of nodes, n 7 12 26 35 57 70
Number of keys, c 7 9 13 15 19 21
/ Department of Mathematics and Computer Science PAGE 6819-04-23
Number of nodes, n 13 20 50 63
Number of keys, c 13 16 25 28
t=2
t=3
ntc Known constructions: ntc
Other values of n
• Combine constructions• Use building blocks that are t-safe• Use some extra keys
/ Department of Mathematics and Computer Science PAGE 6919-04-23
Combining constructions
/ Department of Mathematics and Computer Science PAGE 7019-04-23
Safe for t=2
Combining constructions
/ Department of Mathematics and Computer Science PAGE 7119-04-23
Safe for t=2 Safe for t=2
Combining constructions
/ Department of Mathematics and Computer Science PAGE 7219-04-23
Safe for t=2
t+1 extra keys
How many keys are needed?
• Conjecture:
• Known constructions:
• Which is better?
/ Department of Mathematics and Computer Science PAGE 7319-04-23
ntc 2
ntc
PAGE 7419-04-23
Conclusions
• Block designs use fewer keys than existing constructions
• Constructions may be combined• Block designs use many communication paths
(about where is possible)
/ Department of Mathematics and Computer Science PAGE 7519-04-23
3t 1t
End of presentation
/ Department of Mathematics and Computer Science PAGE 7619-04-23
dual
Splitting messages Block designs
Combining constructionst=1
t>1
ntc 2
25.2)(log2 nc