Cryptography and Network Security Chapter 14Chapter 14 – Key Management and DistributionKey Management and DistributionKey DistributionSlide 5Key Distribution TaskKey HierarchySlide 8Key Distribution ScenarioKey Distribution IssuesSymmetric Key Distribution Using Public KeysSimple Secret Key DistributionMan-in-the-Middle AttackSecret Key Distribution with Confidentiality and AuthenticationHybrid Key DistributionDistribution of Public KeysPublic AnnouncementPublicly Available DirectoryPublic-Key AuthoritySlide 20Public-Key CertificatesSlide 22X.509 Authentication ServiceX.509 Certificate UseX.509 CertificatesSlide 26Obtaining a CertificateCA HierarchyCA Hierarchy UseCertificate RevocationX.509 Version 3Certificate ExtensionsPublic Key InfrastructurePKIX ManagementSummaryCryptography and Cryptography and Network SecurityNetwork SecurityChapter 14Chapter 14Fifth EditionFifth Editionby William Stallingsby William StallingsLecture slides by Lawrie BrownLecture slides by Lawrie BrownChapter 14 – Key Management Chapter 14 – Key Management and Distributionand DistributionNo Singhalese, whether man or woman, No Singhalese, whether man or woman, would venture out of the house without a would venture out of the house without a bunch of keys in his hand, for without such bunch of keys in his hand, for without such a talisman he would fear that some devil a talisman he would fear that some devil might take advantage of his weak state to might take advantage of his weak state to slip into his body. slip into his body. ——The Golden Bough, Sir James George The Golden Bough, Sir James George FrazerFrazerKey Management and Key Management and DistributionDistributiontopics of cryptographic key management / topics of cryptographic key management / key distribution are complex key distribution are complex cryptographic, protocol, & management issuescryptographic, protocol, & management issuessymmetric schemes require both parties to symmetric schemes require both parties to share a common secret keyshare a common secret keypublic key schemes require parties to public key schemes require parties to acquire valid public keysacquire valid public keyshave concerns with doing bothhave concerns with doing bothKey DistributionKey Distributionsymmetric schemes require both parties to symmetric schemes require both parties to share a common secret keyshare a common secret keyissue is how to securely distribute this keyissue is how to securely distribute this keywhilst protecting it from otherswhilst protecting it from othersfrequent key changes can be desirablefrequent key changes can be desirableoften secure system failure due to a break often secure system failure due to a break in the key distribution scheme in the key distribution schemeKey DistributionKey Distributiongiven parties A and B have various given parties A and B have various key key distributiondistribution alternatives: alternatives:1.1.A can select key and physically deliver to BA can select key and physically deliver to B2.2.third party can select & deliver key to A & Bthird party can select & deliver key to A & B3.3.if A & B have communicated previously can if A & B have communicated previously can use previous key to encrypt a new keyuse previous key to encrypt a new key4.4.if A & B have secure communications with a if A & B have secure communications with a third party C, C can relay key between A & Bthird party C, C can relay key between A & BKey Distribution TaskKey Distribution TaskKey HierarchyKey Hierarchytypically have a hierarchy of keystypically have a hierarchy of keyssession keysession keytemporary keytemporary keyused for encryption of data between usersused for encryption of data between usersfor one logical session then discardedfor one logical session then discardedmaster keymaster keyused to encrypt session keysused to encrypt session keysshared by user & key distribution centershared by user & key distribution centerKey HierarchyKey HierarchyKey Distribution ScenarioKey Distribution ScenarioKey Distribution IssuesKey Distribution Issueshierarchies of KDC’s required for large hierarchies of KDC’s required for large networks, but must trust each othernetworks, but must trust each othersession key lifetimes should be limited for session key lifetimes should be limited for greater securitygreater securityuse of automatic key distribution on behalf use of automatic key distribution on behalf of users, but must trust systemof users, but must trust systemuse of decentralized key distributionuse of decentralized key distributioncontrolling key usagecontrolling key usageSymmetric Key Distribution Symmetric Key Distribution Using Public KeysUsing Public Keyspublic key cryptosystems are inefficientpublic key cryptosystems are inefficientso almost never use for direct dataso almost never use for direct data encryptionencryptionrather use to encrypt secret keys for distributionrather use to encrypt secret keys for distributionSimple Secret Key DistributionSimple Secret Key DistributionMerkle proposed this very simple schemeMerkle proposed this very simple schemeallows secure communicationsallows secure communicationsno keys before/after existno keys before/after existMan-in-the-Middle AttackMan-in-the-Middle Attackthis very simple scheme is vulnerable to this very simple scheme is vulnerable to an active man-in-the-middle attackan active man-in-the-middle attackSecret Key Distribution with Secret Key Distribution with Confidentiality and Confidentiality and AuthenticationAuthenticationHybrid Key DistributionHybrid Key Distributionretain use of private-key KDCretain use of private-key KDCshares secret master key with each usershares secret master key with each userdistributes session key using master keydistributes session key using master keypublic-key used to distribute master keyspublic-key used to distribute master keysespecially useful with widely distributed usersespecially useful with widely distributed usersrationalerationaleperformanceperformancebackward compatibilitybackward compatibilityDistribution of Public KeysDistribution of Public Keyscan be considered as using one of:can be considered as using one of:public announcementpublic announcementpublicly available directorypublicly available directorypublic-key authoritypublic-key authoritypublic-key certificatespublic-key
View Full Document