New version page

SMC CS 78 - Key Distribution and Exchange

Upgrade to remove ads
Upgrade to remove ads
Unformatted text preview:

1Key Distribution and ExchangeDavid MorganUCLA ExtensionWhat kind of keys do we share? Secret keys, of 1-key cryptography Public keys, of 2-key cryptography2Which do we prefer? For bulk encryption over a session– secret keys, for performance For authentication– public keys, for uncompromisabilitySecure distribution of keys Public keys: trivial Secret keys: non-trivial3Public keys: distribution trivial Security doesn’t depend on public key Put them in a public database (DNS, phone book come to mind)Secret keys: distribution options Physical delivery– A selects key, gives to B– C selects key, gives to A and B Data network delivery– A & B have a previous key, new key can be sent encrypted with old– A & B have encrypted connections to C, who selects and sends new key to A & B Last option, basis of Key Distribution Centers4Key Distribution Center Systems communicate with KDC using master keys Systems communicate with each other using transient session keys Systems get session keys from KDCScale, required keys for N hosts N(N-1)/2 session keys– the number of pairs of hosts N master keys– the number of hosts5Scale, required keys for N hosts1000049,995,000100001000499,50010001004,950100104510NN(N-1)/2NMasterSessionNo. of hostsNumber of keys requiredScale, required master keys6Scale, required session keysDistributing KDC master keys Physical delivery, maybe feasible because– N relatively small– only done once Use public key system– KDC encrypts master key with stations’respective public keys for delivery7KDC operation A wants to talk to B A asks KDC for a session key KDC generates one Using KBKDC encrypts– the session key– A’s address Using KAKDC encrypts– the above– the session key KDC sends whole package to AKDC operation A decrypts received package– stores session key– sends B his portion B decrypts his portion– stores session key– corresponds it with the right party (A) Session ensues using session key8I prefer a self-securing connection, thank you A and B will negotiate their own key Without benefit of– a previous secret key between them– public and private key pairs belonging to them– an intermediate KDC In such manner that a free evesdroppercannot figure their key outAnd free pie—how ya gonna do that!!! It’s called Diffie-Hellman key exchange Allows an insecure channel to become secure There is information parties can exchange– that allows them to derive a common secret key– while disallowing an interceptor to do the same9“Primitive roots” of prime numbers1282,475,24910840,353,607995,764,80186823,54374117,64961016,807532,40142343354927717nmod 117nn7 is a “primitive root” of 11 because For n from 1 through 10 The remainders of 7ndivided by 11 Consist of the numbers 1 through 1010Diffie-Hellman operation A picks a prime p and its primitive root g A sends p and g to B A picks a random integer less than p B picks a random integer less than p A calculates the remainder, when divided by p, of g raised to his integer B calculates the remainder, when divided by p, of g raised to his integerDiffie-Hellman operation A sends his remainder to B B sends his remainder to A A calculates the remainder, when divided by p, of B’s remainder raised to A’s integer B calculates the remainder, when divided by p, of A’s remainder raised to B’s integer The results are always the same numbertextbook, pp. 96-9711Diffie-Hellman example A picks a prime 11 and its primitive root 7 A sends 11 and 7 to B A picks integer 3 B picks integer 6 A calculates the remainder, when divided by 11, of 7 raised to power 3 (it’s 2) B calculates the remainder, when divided by 11, of 7 raised to power 6 (it’s 4)Diffie-Hellman example A sends 2 to B B sends 4 to A A calculates the remainder, when divided by 11, of 4 raised to power 3 B calculates the remainder, when divided by 11, of 2 raised to power 6 Both results are 9, the new secret keytextbook, pp. 96-9712Interceptor resistance Interceptor gets p and g, and both parties’remainders Interceptor doesn’t get parties’ integers The integers are needed to calculate the key Deriving the a party’s integer from his remainder is mathematically infeasible for large


View Full Document
Download Key Distribution and Exchange
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Key Distribution and Exchange and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Key Distribution and Exchange 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?