DOC PREVIEW
UT CS 361 - Foundations of Computer Security

This preview shows page 1-2 out of 6 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 6 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 6 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 6 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Foundations of Computer SecurityLecture 51: Key ExchangeDr. Bill YoungDepartment of Computer SciencesUniversity of Texas at AustinLecture 51: 1 Key ExchangeThe Key Exchange ProblemSuppose you want to establish a secure communication channelwith someone you don’t know. We call this a situation of mutualsuspicion. This is extremely common.You submit your income tax on-line.You send your credit card information to a shopping website.You wish to exchange encrypted email with another party.Once you agree on a shared secret (key) the communication canproceed. But how do you exchange the key? This is the keyexchange problem.Lecture 51: 2 Key ExchangeKey Exchange: Attempt 1Suppose both parties S and R have a public / private RSA keypair for asymmetric communication. Say S chooses a newsymmetric key K and sends to R the following message:{K }K−1S.R can decrypt the message using S’s public key to retrieve K .What is wrong with this scheme?Answer: Any eavesdropper can intercept the message and decryptit using S’s public key to retrieve K .Lecture 51: 3 Key ExchangeKey Exchange: Attempt 2Instead, suppose S sends to R the following message:{K }KR.Since only R can decrypt this message, confidentiality is assured.What’s wrong this time?Now R doesn’t have any assurance that the message actually camefrom S. An intruder may be “spoofing” (pretending to be S) toobtain information that R intends only for S.Can we preserve both confidentiality and authentication with onetransaction?Lecture 51: 4 Key ExchangeKey Exchange (Cont.)A third attempt is for S to send R the following:{{K }K−1S}KR.How does R extract K? What assurances does this provide?1Since, no one but R can decrypt the message, confidentialityis assured.2No one but S could have performed the inner encryption, soauthentication is accomplished.This notion of nested encryptions is very useful in a variety ofcryptographic protocols. Could you have done the encryptions inthe other order?Lecture 51: 5 Key ExchangeLessonsPublic key cryptosystems can be used for key exchange, butyou have to do it carefully.Key exchange requires both confidentiality and authentication.Next lecture: Diffie-Hellman Key ExchangeLecture 51: 6 Key


View Full Document

UT CS 361 - Foundations of Computer Security

Documents in this Course
Load more
Download Foundations of Computer Security
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Foundations of Computer Security and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Foundations of Computer Security 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?